rdr rules with pf

Margo Szathmár mszathmar at gmail.com
Sat Jun 14 00:50:14 UTC 2008


Hello everyone,

I'm trying to set up jails behind a NAT on my FreeBSD 7.0 box here as I've
only got one IP to play with. I'm currently using pf with the following
configuration:

ext_if="rl0"
external_addr="x.x.x.x"
internal_net="192.168.222.0/24"

nat on $ext_if from $internal_net to any -> $external_addr

rdr on rl0 proto tcp from any to any port 5223 -> 192.168.222.2
pass in all
pass out all


The jail in question is sitting on 192.168.222.2 and is able to connect out.
The only problem I'm having is that the rdr statement doesn't seem to be
working.
The examples I've been able to find so far encompass only situations in
which the box has more than one NIC (see a lot of ext_if and int_if) and I
haven't been able to find anything concrete.

The box is also running ipfw which I suspect may be causing some conflicts
... to bypass these, however, I've added rule 1 as "allow ip from any to
any".

Can anyone point out my error? I realize that this question is probably
asked near constantly and there's probably some link I simply haven't
consulted yet and for that I apologize.

Thanks for your input!

With love,

Margo S.
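For reference, here is a complete single-NIC pf.conf for the setup described above. It is an added example, not a configuration from the original post or from the FreeBSD project: rl0, 192.168.222.0/24, 192.168.222.2 and port 5223 come from the post, while the jail_ip and jail_port macros and the default-deny filter are assumptions made for the example. It scopes the rdr to the public address instead of "from any to any" and replaces "pass in all" with a pass rule limited to the redirected port.

```pf
# Added example (not from the original post): single-NIC pf.conf for a
# jail behind NAT on FreeBSD 7.0. Values from the post: rl0,
# 192.168.222.0/24, 192.168.222.2, port 5223. Macro names jail_ip and
# jail_port are assumptions made here.
ext_if="rl0"
external_addr="x.x.x.x"          # replace with the real public address
internal_net="192.168.222.0/24"
jail_ip="192.168.222.2"
jail_port="5223"

# Jails on the same host talk to each other over lo0; leave it unfiltered.
set skip on lo0

# Outbound masquerading for the jail network.
nat on $ext_if from $internal_net to any -> $external_addr

# Inbound redirect: match only traffic addressed to the public IP on the
# service port, so traffic for other destinations is never rewritten.
rdr on $ext_if proto tcp from any to $external_addr port $jail_port -> $jail_ip

# Default deny on the external interface, then open only what the rdr
# needs. In this pf version translation happens before filtering, so the
# pass rule must match the translated (jail) address, not the public one.
# Any service the host itself runs (e.g. sshd) needs its own pass rule.
block in on $ext_if
pass out on $ext_if keep state
pass in on $ext_if proto tcp from any to $jail_ip port $jail_port flags S/SA keep state
```

Load it with "pfctl -nf /etc/pf.conf" first (parse only), then "pfctl -f /etc/pf.conf"; "pfctl -sn" lists the nat and rdr rules as pf understood them and "pfctl -ss" shows the state entries created when a connection comes in. Note that this rdr only applies to packets arriving on rl0: a connection made from the host itself or from another jail to x.x.x.x:5223 does not enter through rl0 and will not be redirected, so test from an outside host.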

