[pf4freebsd] Re: pf and spamd

Daniel Hartmeier daniel at benzedrine.cx
Wed Sep 15 21:13:41 PDT 2004


On Sat, Aug 21, 2004 at 09:10:30PM +0800, Jett Tayer wrote:

> # spamd-setup puts addresses to be redirected into table <spamd>.
> table <spamd> persist
> no rdr on { lo0 } from any to any
> rdr inet proto tcp from <spamd> to any port smtp -> 127.0.0.1 port 8025
> pass in on lo0 inet proto tcp from <spamd> to 127.0.0.1 port 8025

The connection is coming in on a real interface (not lo0), so you have
to pass it on that interface. If the above was your entire ruleset, that
would be no issue (as it passes by default), but I assume you have a
more complex ruleset which blocks, too. Alternatively, add the 'pass'
option to the 'rdr' rule, so it doesn't require another pass rule.

In general, add 'log' to all your 'block' rules and watch pflog for
blocked packets. That's the standard first step when debugging rulesets.

Daniel
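The two fixes described in the reply, written out as a pf.conf fragment. This is an added example, not part of the original message: the interface name em0 and the single default block rule (standing in for the poster's more complex ruleset) are assumptions.

```conf
# Added example (not from the original thread). Assumptions: the external
# interface is em0, and one default block rule stands in for the larger
# ruleset the poster is presumed to have.
ext_if = "em0"

# spamd-setup puts addresses to be redirected into table <spamd>.
table <spamd> persist

# --- translation rules ---
no rdr on { lo0 } from any to any

# Variant A: plain rdr. The redirected connection must also be passed by a
# filter rule on the interface it actually arrives on.
rdr inet proto tcp from <spamd> to any port smtp -> 127.0.0.1 port 8025

# Variant B (use instead of the rdr line above): 'pass' on the rdr rule lets
# redirected packets through without a separate filter rule.
# rdr pass inet proto tcp from <spamd> to any port smtp -> 127.0.0.1 port 8025

# --- filter rules ---
# 'log' on block rules makes dropped packets visible on pflog0.
block in log all

# Needed for Variant A only. Translation happens before filtering, so the
# rule matches the rewritten destination (127.0.0.1 port 8025) on the
# external interface, not on lo0.
pass in on $ext_if inet proto tcp from <spamd> to 127.0.0.1 port 8025 keep state

# To watch what the block rules drop:
#   tcpdump -n -e -ttt -i pflog0
```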



