Using 'rdr' on outbound connections
B.Candler at pobox.com
Thu Sep 15 05:04:39 PDT 2005
On Thu, Sep 15, 2005 at 12:39:18PM +0100, Greg Hennessy wrote:
> > rdr pass proto tcp from any to any port 25 -> 127.0.0.1 port 25
> > rdr pass on lo0 proto tcp from any to any port 25 -> 127.0.0.1 port 25
> > rdr pass on fxp0 proto tcp from any to any port 25 -> 127.0.0.1 port 25
> Have you tried rdr on its own combined with an explicit pass rule in your
> policy?

I tried 'rdr' by itself originally, yes. There is no extra policy at all in
this ruleset; that's my entire /etc/pf.conf. Since filter policy defaults to
'pass', then it shouldn't make any difference, should it?

I appreciate you making suggestions, but perhaps if you have a spare machine
available, you could try replicating the problem? It's different from your
squid setup, where traffic originates from another client and passes through
your FreeBSD router. As I said before, I've demonstrated to myself that rdr
works when the traffic is inbound from another machine.