Date: Wed, 30 Jun 2010 13:50:15 -0300 From: "Luiz Gustavo S. Costa" <luizgustavo@luizgustavo.pro.br> To: Vitaliy Vladimirovich <artemrts@ukr.net> Cc: freebsd-pf@freebsd.org Subject: Re: Re[2]: rdr + reply-to, some solution ? Message-ID: <AANLkTikxUfjPEc2D9j-heSB8MWbwRxj2p7qrK32SDDJ7@mail.gmail.com> In-Reply-To: <E1OU0Iv-000JKp-95@ffe9.ukr.net> References: <AANLkTimDyUL8BWaik3XbgixUakz_r_KgO63LwDoNsODK@mail.gmail.com> <E1OU0Iv-000JKp-95@ffe9.ukr.net>
next in thread | previous in thread | raw e-mail | index | archive | help
Hi, Yep! # Nat section rdr on $if_ext2 proto tcp from any to $ip_ext2 port http tag http_link2 -> $dmz_http # Rule section pass in quick on $if_ext2 reply-to ($if_ext2 $gw_ext2) tagged http_link2 The reply-to is apply on the tag match. Thanks for Gabriel ! 2010/6/30 Vitaliy Vladimirovich <artemrts@ukr.net>: > > =A0=A0=A0=A0=A0=A0 Hi Luiz! > > =A0=A0 Can you post here your working final ruleset with rdr + replye-to?= Only > rdr + reply-to section. > > =A0 Thank you! > > > PERFECT !!!!! > > This is it ! (tribute to MJ) > > worked perfectly, had not really thought about using tag, perfect. > > thank you (valeu !) > > goodbye rinetd/redir ! > > 2010/6/28 Gabriel Fonseca <gabriel@ethx.com.br>: >> 2010/6/28 Luiz Gustavo S. Costa <luizgustavo@luizgustavo.pro.br> >>> >>> hi Chris ! how are you? >>> >>> as it says here in Brazil: "I eat ball" :). >>> >>> pass in $if_int reply-to ($if_ext2 $gw_ext2) proto tcp from any to >>> 192.168.1.100 port 80 >>> >>> but still, the combination does not work >>> >>> thanks >>> >>> >>> 2010/6/28 Chris Buechler <cbuechler@gmail.com>: >>> > On Mon, Jun 28, 2010 at 5:12 PM, Luiz Gustavo S. Costa >>> > <luizgustavo@luizgustavo.pro.br> wrote: >>> >> Hi all. >>> >> >>> >> I know there is a problem in using rdr with the reply-to, I usually >>> >> use some software to "rdr", as the rinetd, but it's not a pretty >>> >> solution. >>> >> >>> >> Is there any alternative? >>> >> >>> >> Below is an example of what I'm talking about. >>> >> >>> >> # Nat section >>> >> rdr on $if_ext2 proto tcp from any to 200.x.x.x port 80 -> >>> >> 192.168.1.100 >>> >> # Rules section >>> >> pass in $if_ext2 reply-to ($if_ext2 $gw_ext2) proto tcp from any to >>> >> 200.x.x.x port 80 >>> >> >>> > >>> > That rule won't match traffic from that rdr. The dest has to be the >>> > 192.168.1.100 IP. >>> > >>> >>> >>> >>> -- >>> Luiz Gustavo Costa (Powered by BSD) >>> *+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+ >>> mundoUnix - Consultoria em Software Livre >>> http://www.mundounix.com.br >>> ICQ: 2890831 / MSN: contato@mundounix.com.br >>> Tel: 55 (21) 2642-3799 / 7582-0594 >>> Blog: http://www.luizgustavo.pro.br >>> _______________________________________________ >>> freebsd-pf@freebsd.org mailing list >>> http://lists.freebsd.org/mailman/listinfo/freebsd-pf >>> To unsubscribe, send any mail to "freebsd-pf-unsubscribe@freebsd.org" >> >> >> Hi, Luiz "gugaBSD" Gustavo. >> I don't exactly what your need, but I'll try help. >> >> Try this: >> rdr on $if_ext2 proto tcp from any to 200.x.x.x port 80 tag LINK2 -> >> 192.168.1.100 >> pass in quick on $if_ext2 reply-to ( $if_ext2 $gw_ext2=A0 ) tagged LINK2 >> >> I hope that helps. >> >> Gabriel "ethX" Fonseca >> >> >> >> >> > > -- > Luiz Gustavo Costa (Powered by BSD) > *+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+ > mundoUnix - Consultoria em Software Livre > http://www.mundounix.com.br > ICQ: 2890831 / MSN: contato@mundounix.com.br > Tel: 55 (21) 2642-3799 / 7582-0594 > Blog: http://www.luizgustavo.pro.br > _______________________________________________ > freebsd-pf@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-pf > To unsubscribe, send any mail to "freebsd-pf-unsubscribe@freebsd.org" > > --=20 Luiz Gustavo Costa (Powered by BSD) *+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+ mundoUnix - Consultoria em Software Livre http://www.mundounix.com.br ICQ: 2890831 / MSN: contato@mundounix.com.br Tel: 55 (21) 2642-3799 / 7582-0594 Blog: http://www.luizgustavo.pro.br
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?AANLkTikxUfjPEc2D9j-heSB8MWbwRxj2p7qrK32SDDJ7>