From owner-freebsd-pf@FreeBSD.ORG  Tue Jan 30 18:11:05 2007
Return-Path: <owner-freebsd-pf@FreeBSD.ORG>
X-Original-To: freebsd-pf@freebsd.org
Delivered-To: freebsd-pf@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52])
	by hub.freebsd.org (Postfix) with ESMTP id 46DEA16A400
	for <freebsd-pf@freebsd.org>; Tue, 30 Jan 2007 18:11:05 +0000 (UTC)
	(envelope-from kobus@cits.com.na)
Received: from mx01.africaonline.com.na (smtp.africaonline.com.na
	[196.44.140.169])
	by mx1.freebsd.org (Postfix) with ESMTP id A5B7D13C46B
	for <freebsd-pf@freebsd.org>; Tue, 30 Jan 2007 18:11:04 +0000 (UTC)
	(envelope-from kobus@cits.com.na)
Received: from [196.44.146.194] (port=63977 helo=custompc1)
	by mx01.africaonline.com.na with esmtpa (Exim 4.51)
	id 1HBDSl-0004Bm-9P
	for freebsd-pf@freebsd.org; Sun, 28 Jan 2007 17:05:07 +0000
Message-ID: <036a01c742ff$a2cebd20$0b64400a@custompc1>
From: "Kobus de Wit" <kobus@cits.com.na>
To: <freebsd-pf@freebsd.org>
Date: Sun, 28 Jan 2007 19:13:31 +0200
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 6.00.2900.3028
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.3028
X-RFC2646: Format=Flowed; Original
Sender: kobus@africaonline.com.na
Subject: REQUEST FOR ADVICE/INFO
X-BeenThere: freebsd-pf@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
Reply-To: Kobus de Wit <kobus@cits.com.na>
List-Id: "Technical discussion and general questions about packet filter
	\(pf\)" <freebsd-pf.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-pf>,
	<mailto:freebsd-pf-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-pf>
List-Post: <mailto:freebsd-pf@freebsd.org>
List-Help: <mailto:freebsd-pf-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-pf>,
	<mailto:freebsd-pf-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Tue, 30 Jan 2007 18:11:05 -0000

Hi All,

    I am running a FreeBSD 6.0 server with one network interface (rl0)
pointing to the Internet (public IP) and another pointing to internal
networks (rl1) (3 in total). PF is used to allow access to the Internet
(nat on $ext_if from $internal_net to any -> ($ext_if). On one of the
internal networks an EXIM mail server resides.

    The solution I am looking for is for interface rl0 to listen for
traffic destined for the mail server (on the mail server's public IP and
on the same subnet as rl0) and for PF to rdr it to the said server. My
pf.conf entry for the above is as follows:-

        rdr on $ext_if proto tcp on any to $external_addr/32 port 25 ->
192.168.21.10 port 25

    When I assign an IP alias address to rl0 my internet response (web
pages that do not open properly) becomes unsatisfactorily.

    Many thanks in advance.

    Kobus