Date: Thu, 15 Sep 2005 13:16:19 +0100
From: "Greg Hennessy" <Greg.Hennessy@nviz.net>
To: "'Brian Candler'" <B.Candler@pobox.com>
Cc: freebsd-pf@freebsd.org
Subject: RE: Using 'rdr' on outbound connections
Message-ID: <20050915121619.68C874D@gw2.local.net>
In-Reply-To: <20050915120749.GA1235@uk.tiscali.com>
> I tried 'rdr' by itself originally, yes. There is no extra
> policy at all in this ruleset; that's my entire /etc/pf.conf.
> Since filter policy defaults to 'pass', then it shouldn't
> make any difference, should it?

It could do.

Make the 1st line of the policy

block log all

and see what it catches.

> I appreciate you making suggestions, but perhaps if you have
> a spare machine available, you could try replicating the
> problem?

Nothing spare, I'm afraid.

> It's different from your squid setup, where traffic
> originates from another client and passes through your
> FreeBSD router. As I said before, I've demonstrated to myself
> that rdr works when the traffic is inbound from another machine.

Code up a very specific pass log quick rule with a default policy of block.
If the pass rule doesn't catch it, the block log all should tell you what
the specifics are.

Greg
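
The debugging ruleset suggested above, written out as a pf.conf filter section. This is an added example, not part of the original message; the interface name and both port numbers are placeholder assumptions.

```conf
# Constructed debugging ruleset; em0, port 80 and port 22 are placeholders.
ext_if    = "em0"   # assumption: interface the test traffic leaves on
test_port = "80"    # assumption: destination port of the connection under test

# Existing translation rules (rdr/nat) stay here, above the filter rules.

# 1st filter rule: default deny, logged. Among non-quick rules the last
# match wins, so any packet that no later rule passes is dropped and
# recorded on pflog0.
block log all

# Keep the management session alive while the default is block
# (assumption: SSH on port 22 arriving on $ext_if).
pass in quick on $ext_if inet proto tcp from any to any port 22 keep state

# Very specific, logged pass rule for the one flow being tested.
# "quick" stops evaluation at this rule, so a hit here is unambiguous.
pass out log quick on $ext_if inet proto tcp from any to any port $test_port keep state

# Syntax-check, then load:  pfctl -nf /etc/pf.conf && pfctl -f /etc/pf.conf
# Watch logged packets:     tcpdump -n -e -ttt -i pflog0
# With -e, each pflog line shows the rule number, the action (pass/block),
# the direction and the interface, along with the addresses and ports
# the filter rules saw for that packet.
```

If the test connection appears in the log as a block rather than as a pass on the specific rule, the logged direction, interface and addresses show how the pass rule has to change to match it.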