From owner-freebsd-questions@FreeBSD.ORG Thu Dec 1 13:16:02 2011 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 43773106567D for ; Thu, 1 Dec 2011 13:16:02 +0000 (UTC) (envelope-from artemrts@ukr.net) Received: from ffe16.ukr.net (ffe16.ukr.net [195.214.192.51]) by mx1.freebsd.org (Postfix) with ESMTP id E615A8FC1C for ; Thu, 1 Dec 2011 13:16:01 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=ukr.net; s=ffe; h=Date:Message-Id:From:To:References:In-Reply-To:Subject:Cc:Content-Type:Content-Transfer-Encoding:MIME-Version; bh=O9VSTJT2QQ6aSGRXt+6M2a8UrHgzg9/KeCrAVNVFKxA=; b=KwG5ILF7WROuQNO4cx7fZHmm9E87NiH9nukz2YX8qDZJNZegr2IpMf69IARJSjNcs42qUhJfC1M0goA8tJzZdp7yOqhytC+XD07y9U7M7SoPo9MuHaeHBD11ocG+XKtSrTz9cjo9yH7OmNLbsAu7Eg950v9Tnjg0D9UyUgh/3kw=; Received: from mail by ffe16.ukr.net with local ID 1RW6Ua-000NjS-6R ; Thu, 01 Dec 2011 15:16:00 +0200 MIME-Version: 1.0 Content-Disposition: inline Content-Transfer-Encoding: binary Content-Type: text/plain; charset="windows-1251" In-Reply-To: <69313081-6D4F-45D3-88E7-8F80611B3FF8@my.gd> References: <4ED65E89.3080208@msen.com> <69313081-6D4F-45D3-88E7-8F80611B3FF8@my.gd> To: "Damien Fleuriot" From: =?WINDOWS-1251?B?wujy4Ovo6SDC6+Dk6Ozo8O7i6Pc=?= X-Mailer: freemail.ukr.net 4.0 X-Originating-Ip: [195.200.251.92] Message-Id: <88853.1322745360.11426236854852648960@ffe16.ukr.net> X-Browser: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:8.0) Gecko/20100101 Firefox/8.0 Date: Thu, 01 Dec 2011 15:16:00 +0200 Cc: Mark Moellering , FreeBSD Subject: Re: pf rdr (redirect) syntax solved X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 01 Dec 2011 13:16:02 -0000 --- Original message --- From: "Damien Fleuriot" To: "Mark Moellering" Date: 30 November 2011, 21:11:19 Subject: Re: pf rdr (redirect) syntax solved > On 30 Nov 2011, at 17:49, Mark Moellering wrote: > > > My apologies for posting an answer without a question but this is something I want searchable in the future. > > To use redirection ( rdr ) in pf, you MUST specify an ip address or interface. > > For example, if you want to force external traffic coming in on port 80 to port 443 and write this; > > > > rdr on $interface inet proto tcp from ! $internal_addresses to $interface port 80 -> port 443 > > > > it FAILS! The PROPER syntax is; > > > > rdr on $interface inet proto tcp from ! $internal_addresses to $interface port 80 -> $interface port 443 > > > > I hope this helps someone... > > > > Mark Moellering > > > > > Do not take this personally but I find it exceedingly disturbing that you should use the ml as a documentation storage space. > > You really should store this kind of information internally, such as a comment in your pf.conf and/or a wiki. I think this is purely your opinion. In many cases such short how-to is very useful, e.g. this rdr's example has helped me in my situation. Thanks, Mark!