Date:      Thu, 15 Sep 2005 13:16:19 +0100
From:      "Greg Hennessy" <Greg.Hennessy@nviz.net>
To:        "'Brian Candler'" <B.Candler@pobox.com>
Cc:        freebsd-pf@freebsd.org
Subject:   RE: Using 'rdr' on outbound connections
Message-ID:  <20050915121619.68C874D@gw2.local.net>
In-Reply-To: <20050915120749.GA1235@uk.tiscali.com>


 
> 
> I tried 'rdr' by itself originally, yes. There is no extra 
> policy at all in this ruleset; that's my entire /etc/pf.conf. 
> Since filter policy defaults to 'pass', then it shouldn't 
> make any difference, should it?

It could do.

Make the 1st line of the policy

    block log all

and see what it catches.

> 
> I appreciate you making suggestions, but perhaps if you have 
> a spare machine available, you could try replicating the 
> problem?

Nothing spare I'm afraid. 

> It's different from your squid setup, where traffic 
> originates from another client and passes through your 
> FreeBSD router. As I said before, I've demonstrated to myself 
> that rdr works when the traffic is inbound from another machine.

Code up a very specific pass log quick rule with a default policy of block. 

If the pass rule doesn't catch it, the block log all should tell you what
the specifics are. 

Greg
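
The debugging layout suggested in this message, written out as a pf.conf fragment. This is an added example, not part of the original e-mail; the interface, address and port macros are placeholder values, and the poster's own rdr rule is not shown on this page.

```conf
# /etc/pf.conf debugging layout (constructed example; macro values are placeholders)
test_if   = "em0"          # assumption: interface the test traffic uses
test_dst  = "192.0.2.10"   # assumption: destination as it looks AFTER rdr translation
test_port = "80"           # assumption: destination port after translation

# Translation rules go here, before any filter rule.
# Keep the existing rdr line exactly as it is; it is not reproduced on this page.

# 1st line of the filter policy: drop and log everything that no later rule passes.
# Load this from the console: it also blocks a remote login session
# unless a pass rule for it is added below.
block log all

# One narrow rule for the flow under test. 'quick' stops rule evaluation
# on a match, 'log' sends the matching packet to the pflog0 interface.
# Filter rules are evaluated after rdr translation, so match on the
# translated address and port, not the original ones.
pass log quick on $test_if proto tcp from any to $test_dst port $test_port keep state

# Check syntax, load the ruleset, then watch the log while making the test connection:
#   pfctl -nf /etc/pf.conf
#   pfctl -f  /etc/pf.conf
#   tcpdump -n -e -ttt -i pflog0
# Each logged line carries the rule number, the action (pass or block),
# the direction and the interface, which identifies the rule that
# handled the packet and what the packet looked like at that point.
```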




