Convert ipfw rule to pf
Matthias Fechner
idefix at fechner.net
Sun Apr 17 09:22:25 UTC 2016
Dear all,
I use sslh to have a transparent proxy for ssh/https in place.
The transparent proxy support of sslh requires ipfw rules to work.
I'm not sure if sslh is doing something in the background and that is
the reason why it is not working with pf.
Maybe we have here a pf guru on the list that can ensure the rule
itself is correct.
The ipfw rule looks like:
# https
ipfw add 20000 fwd 192.168.0.251,443 log tcp from 192.168.0.251 8443 to any out
ipfw add 20001 fwd 192.168.200.6,443 log tcp from 192.168.200.6 8443 to any out
# ssh
ipfw add 20003 fwd 192.168.200.6,443 log tcp from 192.168.200.6 22 to any out
In pf they look like:
rdr pass log inet proto tcp from 192.168.0.251 port 8443 to any -> 192.168.0.251 port 443
rdr pass log inet proto tcp from 192.168.200.6 port 8443 to any -> 192.168.200.6 port 443
rdr pass log inet proto tcp from 192.168.200.6 port 22 to any -> 192.168.200.6 port 443
Thanks.
Regards
Matthias
--
"Programming today is a race between software engineers striving to
build bigger and better idiot-proof programs, and the universe trying to
produce bigger and better idiots. So far, the universe is winning." --
Rich Cook