Date: Sun, 15 Jun 2008 16:08:56 -0700 From: Jeremy Chadwick <koitsu@FreeBSD.org> To: Margo =?iso-8859-1?Q?Szathm=E1r?= <mszathmar@gmail.com> Cc: freebsd-pf@freebsd.org Subject: Re: rdr rules with pf Message-ID: <20080615230856.GA28450@eos.sc1.parodius.com> In-Reply-To: <c0fad4ee0806131734w42705ce3l1ce937c17c75ab67@mail.gmail.com> References: <c0fad4ee0806131734w42705ce3l1ce937c17c75ab67@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Fri, Jun 13, 2008 at 05:34:16PM -0700, Margo Szathmár wrote: > I'm trying to set up jails behind a NAT on my FreeBSD 7.0 box here as I've > only got one IP to play with. I'm currently using pf with the following > configuration: > > ext_if="rl0" > external_addr="x.x.x.x" > internal_net="192.168.222.0/24" > > nat on $ext_if from $internal_net to any -> $external_addr > > rdr on rl0 proto tcp from any to any port 5223 -> 192.168.222.2 > pass in all > pass out all > > The jail in question is sitting on 192.168.222.2 and is able to connect out. > The only problem I'm having is that the rdr statement doesn't seem to be > working. Try adding "pass" to the rdr rule, e.g.: "rdr pass ..." -- | Jeremy Chadwick jdc at parodius.com | | Parodius Networking http://www.parodius.com/ | | UNIX Systems Administrator Mountain View, CA, USA | | Making life hard for others since 1977. PGP: 4BD6C0CB |
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20080615230856.GA28450>