Date: Wed, 30 Nov 2011 20:10:04 +0100 From: Damien Fleuriot <ml@my.gd> To: Mark Moellering <mark@msen.com> Cc: FreeBSD <freebsd-questions@freebsd.org> Subject: Re: pf rdr (redirect) syntax solved Message-ID: <69313081-6D4F-45D3-88E7-8F80611B3FF8@my.gd> In-Reply-To: <4ED65E89.3080208@msen.com> References: <4ED65E89.3080208@msen.com>
index | next in thread | previous in thread | raw e-mail
On 30 Nov 2011, at 17:49, Mark Moellering <mark@msen.com> wrote: > My apologies for posting an answer without a question but this is something I want searchable in the future. > To use redirection ( rdr ) in pf, you MUST specify an ip address or interface. > For example, if you want to force external traffic coming in on port 80 to port 443 and write this; > > rdr on $interface inet proto tcp from ! $internal_addresses to $interface port 80 -> port 443 > > it FAILS! The PROPER syntax is; > > rdr on $interface inet proto tcp from ! $internal_addresses to $interface port 80 -> $interface port 443 > > I hope this helps someone... > > Mark Moellering > Do not take this personally but I find it exceedingly disturbing that you should use the ml as a documentation storage space. You really should store this kind of information internally, such as a comment in your pf.conf and/or a wiki. Additionally, you may find the correct syntax for rdr rules in man pf.conf, so you'll always have an example handy.help
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?69313081-6D4F-45D3-88E7-8F80611B3FF8>