Date: Sun, 17 Apr 2016 11:22:05 +0200 From: Matthias Fechner <idefix@fechner.net> To: "freebsd-questions@freebsd.org" <freebsd-questions@freebsd.org> Subject: Convert ipfw rule to pf Message-ID: <a2dca6c6-e5cf-2732-203f-396a61737bac@fechner.net>
next in thread | raw e-mail | index | archive | help
Dear all, I use sslh to have a transparent proxy for ssh/https in place. The transparent proxy support of sslh requires ipfw rules to work. I'm not sure if sslh is doing something in the background and that is the reason why it is not working with pf. Maybe we have here a pf guru on the list that can ensure the the rule itself is correct. The ipfw rule looks like: # https ipfw add 20000 fwd 192.168.0.251,443 log tcp from 192.168.0.251 8443 to any out ipfw add 20001 fwd 192.168.200.6,443 log tcp from 192.168.200.6 8443 to any out # ssh ipfw add 20003 fwd 192.168.200.6,443 log tcp from 192.168.200.6 22 to any out In pf they look like: rdr pass log inet proto tcp from 192.168.0.251 port 8443 to any -> 192.168.0.251 port 443 rdr pass log inet proto tcp from 192.168.200.6 port 8443 to any -> 192.168.200.6 port 443 rdr pass log inet proto tcp from 192.168.200.6 port 22 to any -> 192.168.200.6 port 443 Thanks. Gruß Matthias -- "Programming today is a race between software engineers striving to build bigger and better idiot-proof programs, and the universe trying to produce bigger and better idiots. So far, the universe is winning." -- Rich Cook
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?a2dca6c6-e5cf-2732-203f-396a61737bac>