Date: Sat, 19 Mar 2011 12:44:34 +0100 From: Vilem Kebrt <vilem.kebrt@gmail.com> To: freebsd-pf@freebsd.org Subject: Re: PFsync & RDR/NAT Message-ID: <4D849722.9010003@gmail.com> In-Reply-To: <64167BE5-C27D-415C-A490-0953DC30B6DD@littlebluecar.co.uk> References: <20110131112244.839B610656A8@hub.freebsd.org> <9C34D3E1-5F82-461B-AD1D-9BD7402D794E@littlebluecar.co.uk> <4D838372.2060401@gibfest.dk> <64167BE5-C27D-415C-A490-0953DC30B6DD@littlebluecar.co.uk>
next in thread | previous in thread | raw e-mail | index | archive | help
Dne 19.3.2011 9:46, Melissa Jenkins napsal(a):
> Hi Thomas,
>
> I wish it was that simple :(
>
> If I add it to the rdr I get an error loading the file:
> rdr pass on $if proto udp from<napts> to any port 53 -> 127.0.0.1 port 53 keep state (no-sync)
>
> pf.conf:124: syntax error
Hi Melissa,
call me old school but keep state on UDP ?
btw on rdr is no pass. - pass is to filter rules, rdr to nat rules :)
example:
rdr on em0 proto {tcp,udp} from any to $my_ip port 53 -> $int_ip port 53
I'm using both protocols, 'cause when response is long, dns resolver
will use tcp.
William
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4D849722.9010003>