Date: Tue, 6 Dec 2016 10:21:10 +0800 From: boyd yang <boyd.yang@gmail.com> To: freebsd-pf@freebsd.org Subject: How to make "divert-to" and "dirvet-reply" work Message-ID: <CAE8kqZJK4MQi_6w7Cm13XXeUd7HKgbvZa9cYf1JSDHfgbsnZ5w@mail.gmail.com>
next in thread | raw e-mail | index | archive | help
Hi All,
The "divert-to" and "divert-reply" function seems wonderful in the
document: man pf.conf
divert-to <host> port <port>
Used to redirect packets to a local socket bound to host and
port.
The packets will not be modified, so getsockname(2) on the socket
will return the original destination address of the packet.
divert-reply
Used to receive replies for sockets that are bound to addresses
which are not local to the machine. See setsockopt(2) for
informa-
tion on how to bind these sockets.
But they do not work.
Below two patches do not work either.
https://lists.freebsd.org/pipermail/freebsd-net/2009-June/022166.html
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=188511
How to implement the two functions?
My OS is FreeBSD 10.3 amd64.
I want that binding not-local address socket can connect successfully to
another server.
But now the socket cannot get SYN ACK packet.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CAE8kqZJK4MQi_6w7Cm13XXeUd7HKgbvZa9cYf1JSDHfgbsnZ5w>