How to make "divert-to" and "dirvet-reply" work
boyd yang
boyd.yang at gmail.com
Tue Dec 6 02:21:11 UTC 2016
Hi All,
The "divert-to" and "divert-reply" function seems wonderful in the
document: man pf.conf
divert-to <host> port <port>
Used to redirect packets to a local socket bound to host and
port.
The packets will not be modified, so getsockname(2) on the socket
will return the original destination address of the packet.
divert-reply
Used to receive replies for sockets that are bound to addresses
which are not local to the machine. See setsockopt(2) for
informa-
tion on how to bind these sockets.
But they do not work.
Below two patches do not work either.
https://lists.freebsd.org/pipermail/freebsd-net/2009-June/022166.html
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=188511
How to implement the two functions?
My OS is FreeBSD 10.3 amd64.
I want that binding not-local address socket can connect successfully to
another server.
But now the socket cannot get SYN ACK packet.
More information about the freebsd-pf
mailing list