rdr rules with pf
Jeremy Chadwick
koitsu at FreeBSD.org
Sun Jun 15 23:08:56 UTC 2008
On Fri, Jun 13, 2008 at 05:34:16PM -0700, Margo Szathmár wrote:
> I'm trying to set up jails behind a NAT on my FreeBSD 7.0 box here as I've
> only got one IP to play with. I'm currently using pf with the following
> configuration:
>
> ext_if="rl0"
> external_addr="x.x.x.x"
> internal_net="192.168.222.0/24"
>
> nat on $ext_if from $internal_net to any -> $external_addr
>
> rdr on rl0 proto tcp from any to any port 5223 -> 192.168.222.2
> pass in all
> pass out all
>
> The jail in question is sitting on 192.168.222.2 and is able to connect out.
> The only problem I'm having is that the rdr statement doesn't seem to be
> working.
Try adding "pass" to the rdr rule, e.g.: "rdr pass ..."
--
| Jeremy Chadwick jdc at parodius.com |
| Parodius Networking http://www.parodius.com/ |
| UNIX Systems Administrator Mountain View, CA, USA |
| Making life hard for others since 1977. PGP: 4BD6C0CB |
More information about the freebsd-pf
mailing list