Message-ID: <46226AD3.3030806@webmail.sub.ru>
Date: Sun, 15 Apr 2007 22:11:31 +0400
From: Alex Povolotsky
To: FreeBSD-Net mailing list
Subject: Please help with PF-based redirector

Hello!

I'm trying to set up a box as a round-robin TCP proxy. Of course, I'm trying to do everything at kernel level.

This simple setup

    rdr on sk0 proto tcp from any to any port = smtp -> port 25 round-robin

should work. At least, I thought so. However, an attempt to connect to port 25 yielded an unexpected result.

pfctl -s state shows

    self tcp 89.108.94.212:25 <- 89.108.94.91:25 <- 89.108.94.211:56975 CLOSED:SYN_SENT

The connection is never established, and no IP packet is ever sent out to 89.108.94.212:25.

I don't understand this thing. Maybe someone can point me to my error?

(The firewall rules are quite permissive; in fact, they are pass in quick and pass out quick for all interfaces. An attempt to telnet to port 25 outside works OK.)

Alex.