Date: Thu, 01 Dec 2011 15:16:00 +0200 From: =?WINDOWS-1251?B?wujy4Ovo6SDC6+Dk6Ozo8O7i6Pc=?= <artemrts@ukr.net> To: "Damien Fleuriot" <ml@my.gd> Cc: Mark Moellering <mark@msen.com>, FreeBSD <freebsd-questions@freebsd.org> Subject: Re: pf rdr (redirect) syntax solved Message-ID: <88853.1322745360.11426236854852648960@ffe16.ukr.net> In-Reply-To: <69313081-6D4F-45D3-88E7-8F80611B3FF8@my.gd> References: <4ED65E89.3080208@msen.com> <69313081-6D4F-45D3-88E7-8F80611B3FF8@my.gd>
next in thread | previous in thread | raw e-mail | index | archive | help
--- Original message --- From: "Damien Fleuriot" <ml@my.gd> To: "Mark Moellering" <mark@msen.com> Date: 30 November 2011, 21:11:19 Subject: Re: pf rdr (redirect) syntax solved > On 30 Nov 2011, at 17:49, Mark Moellering <mark@msen.com> wrote: > > > My apologies for posting an answer without a question but this is something I want searchable in the future. > > To use redirection ( rdr ) in pf, you MUST specify an ip address or interface. > > For example, if you want to force external traffic coming in on port 80 to port 443 and write this; > > > > rdr on $interface inet proto tcp from ! $internal_addresses to $interface port 80 -> port 443 > > > > it FAILS! The PROPER syntax is; > > > > rdr on $interface inet proto tcp from ! $internal_addresses to $interface port 80 -> $interface port 443 > > > > I hope this helps someone... > > > > Mark Moellering > > > > > Do not take this personally but I find it exceedingly disturbing that you should use the ml as a documentation storage space. > > You really should store this kind of information internally, such as a comment in your pf.conf and/or a wiki. I think this is purely your opinion. In many cases such short how-to is very useful, e.g. this rdr's example has helped me in my situation. Thanks, Mark!
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?88853.1322745360.11426236854852648960>