NAT problem

Nicolas Salvo nicolas.salvo at gmail.com
Thu Oct 18 18:10:47 PDT 2007


Hi folks, I have a problem when trying to change the destination port
number for a connection. Our ISP has a transparent proxy, and we need
to bypass it. We have 2 iptables firewalls: when a connection is
generated to port 80, the firewall changes the destination port to
81, and on the other side it is reversed. That is done with a DNAT rule
in the PREROUTING table. My problem is that I can't find how to do
this with PF; we are (trying) to move our gw to FreeBSD, but I'm stuck
on this.

This is what I did:

ext_if  = "rl0"
int_if  = "rl1"
int_net = "192.168.0.0/24"
proxy_bypass_needed = "xxx.xxx.xxx.xxx"

nat on $ext_if from $int_net to $proxy_bypass_needed port 80 -> $ext_if port 81

This was our best effort but we only changed the source port to 81,
and we need to change the destination port.

I didn't find anything about this in the pf.conf man page or on
Google, so I would appreciate your help.

Thanks.

-- 
Nicolas A. Salvo
Capital Federal
Buenos Aires - Argentina
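
For reference, an added example that is not part of the original message: in PF, nat rewrites the source of a connection and rdr rewrites its destination, so the iptables DNAT described above corresponds to an rdr rule on the interface where the packets arrive. The address 192.0.2.10 is a placeholder for the elided host, and the commented far-side rule assumes that gateway also runs PF with ext_if as its external interface.

```pf
# pf.conf sketch for the near-side gateway (added example, not the poster's config)
ext_if  = "rl0"
int_if  = "rl1"
int_net = "192.168.0.0/24"
proxy_bypass_needed = "192.0.2.10"   # placeholder for the real remote host

# Source translation only: LAN clients leave with the gateway's address.
# A "port 81" on the right-hand side of nat would set the SOURCE port.
nat on $ext_if from $int_net to any -> ($ext_if)

# Destination translation: packets arriving from the LAN for port 80 on the
# remote host have their destination port rewritten to 81 before routing.
rdr on $int_if proto tcp from $int_net to $proxy_bypass_needed port 80 \
    -> $proxy_bypass_needed port 81

# Filter rules are evaluated after translation, so they match port 81
# and, on the way out, the gateway's own (NATed) source address.
pass in  on $int_if proto tcp from $int_net to $proxy_bypass_needed port 81 keep state
pass out on $ext_if proto tcp from ($ext_if) to $proxy_bypass_needed port 81 keep state

# Far-side gateway (assumption: PF there as well), reversing the rewrite:
# rdr on $ext_if proto tcp from any to $proxy_bypass_needed port 81 \
#     -> $proxy_bypass_needed port 80
```

The state entries created by rdr and nat translate the reply packets back automatically, so no separate rule is needed for return traffic.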

