PF Traffic Redirection issues

Spas Karabelov st0ma at sofiahouse.net
Fri Feb 5 18:04:07 UTC 2010


Hello,

I am trying to perform traffic redirection with PF on 7.2-RELEASE.
The traffic is in the same subnet and I try doing that by using just one
interface em0.
My current setup of pf is as follows:

No ALTQ support in kernel
ALTQ related functions disabled
TRANSLATION RULES:
rdr pass on em0 inet proto tcp from any os "NMAP" to any port 1:65535 -> 192.168.128.170 port 22
rdr pass on em0 inet proto tcp from 192.168.128.126 to any port = http -> 192.168.128.103 port 83
rdr pass on em0 inet proto tcp from 192.168.128.126 to any port = rdp -> 192.168.128.102 port 3389
rdr pass on em0 inet proto tcp from any to any port = ctf -> 192.168.128.102 port 83

FILTER RULES:
scrub in all fragment reassemble
block drop log all
block drop in on ! em0 inet from 192.168.128.0/24 to any
block drop in inet from 192.168.128.170 to any
pass in on em0 inet proto tcp from any to 192.168.128.170 port = ssh flags S/SA keep state
pass in on em0 inet proto tcp from any to 192.168.128.102 port = ctf flags S/SA synproxy state
pass in on em0 inet proto tcp from any to 192.168.128.103 port = mit-ml-dev flags S/SA synproxy state
pass out all flags S/SA keep state


When I try to perform requests, they get the state of *SYN_SENT:CLOSED*:
No ALTQ support in kernel
ALTQ related functions disabled
all tcp 192.168.128.170:22 <- 192.168.128.126:53162       ESTABLISHED:ESTABLISHED
all tcp 192.168.128.102:83 <- 192.168.128.170:84 <- 192.168.128.104:8351       CLOSED:SYN_SENT
all tcp 192.168.128.104:8351 -> 192.168.128.102:83       *SYN_SENT:CLOSED*



Any advice is much appreciated.

KR,

Spas

