Date: Fri, 11 Jan 2008 04:07:36 +0100 From: Max Laier <max@love2party.net> To: freebsd-pf@freebsd.org Subject: Re: Forwarding another host Message-ID: <200801110407.45454.max@love2party.net> In-Reply-To: <1a5f1a2d0801101837r338b5453m7a8f673e3b03833e@mail.gmail.com> References: <4784F7E3.3060508@rodhouse.org> <1200009515.36543.27.camel@xenon> <1a5f1a2d0801101837r338b5453m7a8f673e3b03833e@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
--nextPart4486391.os118DlasU Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable Content-Disposition: inline On Friday 11 January 2008, Rodrique Heron wrote: > On 1/10/08, Michal Varga <varga.michal@gmail.com> wrote: > > On Thu, 2008-01-10 at 12:10 -0500, Rodrique Heron wrote: > > > Thanks > > > > > > FreeBSD syntax for log all is "log-all", I have no block rules. I > > > am passing everything with. > > > > > > pass in quick all > > > pass out qick all > > > > ah, I think this may be another problem. Syntax for log (all) really > > *was* log-all, in PF 3.7, that is approximately the version used in > > FreeBSD 6.x. I somehow forgot about this from your first mail. As > > FreeBSD 7 incporporates PF 3.9, things behave a little differently > > here and there. anyway, can you show me the exact PF config you are > > using now, one that you think should work and doesn't? > > Sorry for the duplicate, I forgot to CC the list. > > Both host are in the same broadcast domain,connected to the same > switch. Sounds like you are looking for some kind of reflection rather than just=20 redirection. If resources on the pf box are plenty and you don't mind=20 running network daemons on it, something like net/rinetd might do the=20 trick. > INTERNET > > > PIX Firewall > > > SWITCH*---*HOSTA 192.168.2.14 > * > > > * > HOSTB 192.168.2.27 > > > ### /etc/pf.conf > ext_if =3D "em0" > int_if =3D "lo0" > > host_ip =3D " 192.168.2.14" > jail_ip =3D "192.168.2.18" > external_host =3D "192.168.2.27" > > rdr on $ext_if proto tcp from any to $host_ip port 22 -> $external_host > port 22 > rdr on $ext_if proto tcp from any to $host_ip port 26 -> $jail_ip port > 22 > > pass in quick all > pass out quick all > _______________________________________________ > freebsd-pf@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-pf > To unsubscribe, send any mail to "freebsd-pf-unsubscribe@freebsd.org" =2D-=20 /"\ Best regards, | mlaier@freebsd.org \ / Max Laier | ICQ #67774661 X http://pf4freebsd.love2party.net/ | mlaier@EFnet / \ ASCII Ribbon Campaign | Against HTML Mail and News --nextPart4486391.os118DlasU Content-Type: application/pgp-signature; name=signature.asc Content-Description: This is a digitally signed message part. -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.4 (FreeBSD) iD8DBQBHht2BXyyEoT62BG0RAuULAJ9XuK3RlEEnF9Wx1NS0NhR/iSYySACeLfO4 mVU7heqwqsczK/lT8skBCwo= =/hju -----END PGP SIGNATURE----- --nextPart4486391.os118DlasU--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200801110407.45454.max>