Fun with PF & redirection

Stephen Hocking stephen.hocking at gmail.com
Mon Dec 22 20:18:08 UTC 2014


Spot on! It turns out the issue was that the port ranges need to be in
ascending order, as you suggested. I now have a small box which is capable
of driving Nessus to tears.

On Mon, Dec 22, 2014 at 11:48 PM, krad <kraduk at gmail.com> wrote:

> Should that be 5044:65334 rather than 65334:5044?
> Also make sure you are not filtering ports 5044-65334 and that the $spoof_port
> isn't filtered.
>
> On 21 December 2014 at 20:40, Stephen Hocking <stephen.hocking at gmail.com>
> wrote:
>
>> Hi all,
>>
>> I'm using PF on a 10.1 box, and am trying to redirect a range of ports to a
>> single port, with a rule like this:
>>
>> rdr on $ext_if proto tcp from any to any port 65334:5044 -> $spoof_host port $spoof_port
>>
>> spoof_host has been set to 127.0.0.1.
>>
>> This does not seem to work. Any ideas?
>>
>>
>>    Stephen
>>
>
>
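
The fix in this thread was writing the port range low:high. As an added example (not code from the thread or from the PF project), this small Python lint expands pf.conf macros and reports every `port` range written high:low; it goes slightly beyond the thread by also catching ranges hidden in macros or brace lists. The interface `em0`, port `8080` and the `low_ports` macro are assumed sample values, and only the `low:high` range syntax is checked.

```python
import re

# Constructed sample ruleset. em0, 8080 and low_ports are assumed values;
# line 4 is the rule from the thread, line 5 its corrected form.
SAMPLE_PF_CONF = '''\
ext_if = "em0"
spoof_host = "127.0.0.1"
spoof_port = "8080"
rdr on $ext_if proto tcp from any to any port 65334:5044 -> $spoof_host port $spoof_port
rdr on $ext_if proto tcp from any to any port 5044:65334 -> $spoof_host port $spoof_port
low_ports = "1024:80"
rdr on $ext_if proto tcp from any to any port { 22, $low_ports } -> $spoof_host port $spoof_port
'''

MACRO_DEF = re.compile(r'^(\w+)\s*=\s*"?([^"]*)"?\s*$')   # name = "value"
MACRO_REF = re.compile(r'\$(\w+)')                        # $name
PORT_SPEC = re.compile(r'\bport\s+(\{[^}]*\}|\S+)')       # port X or port { ... }
RANGE = re.compile(r'(\d+):(\d+)')                        # first:last


def find_descending_ranges(conf_text):
    """Return (line_no, range_as_written, suggested_range) for each
    port range whose first port is greater than its last port."""
    macros, findings = {}, []
    for line_no, raw in enumerate(conf_text.splitlines(), 1):
        line = raw.split('#', 1)[0].strip()          # drop comments
        definition = MACRO_DEF.match(line)
        if definition:                               # remember macro, no rule here
            macros[definition.group(1)] = definition.group(2).strip()
            continue
        # Substitute known macros so ranges stored in macros are visible.
        expanded = MACRO_REF.sub(
            lambda m: macros.get(m.group(1), m.group(0)), line)
        for spec in PORT_SPEC.findall(expanded):
            for first, last in RANGE.findall(spec):
                if int(first) > int(last):
                    findings.append(
                        (line_no, f"{first}:{last}", f"{last}:{first}"))
    return findings


if __name__ == "__main__":
    for line_no, written, fix in find_descending_ranges(SAMPLE_PF_CONF):
        print(f"line {line_no}: port range {written} is descending; use {fix}")
```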

