pf rdr (redirect) syntax solved
Damien Fleuriot
ml at my.gd
Wed Nov 30 19:10:22 UTC 2011
On 30 Nov 2011, at 17:49, Mark Moellering <mark at msen.com> wrote:
> My apologies for posting an answer without a question but this is something I want searchable in the future.
> To use redirection ( rdr ) in pf, you MUST specify an ip address or interface.
> For example, if you want to force external traffic coming in on port 80 to port 443 and write this;
>
> rdr on $interface inet proto tcp from ! $internal_addresses to $interface port 80 -> port 443
>
> it FAILS! The PROPER syntax is;
>
> rdr on $interface inet proto tcp from ! $internal_addresses to $interface port 80 -> $interface port 443
>
> I hope this helps someone...
>
> Mark Moellering
>
Do not take this personally but I find it exceedingly disturbing that you should use the ml as a documentation storage space.
You really should store this kind of information internally, such as a comment in your pf.conf and/or a wiki.
Additionally, you may find the correct syntax for rdr rules in man pf.conf, so you'll always have an example handy.
More information about the freebsd-questions
mailing list