From owner-freebsd-pf@FreeBSD.ORG Sun Aug 19 05:03:32 2007 Return-Path: Delivered-To: freebsd-pf@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id AB66616A468 for ; Sun, 19 Aug 2007 05:03:28 +0000 (UTC) (envelope-from davidn04@gmail.com) Received: from wx-out-0506.google.com (wx-out-0506.google.com [66.249.82.238]) by mx1.freebsd.org (Postfix) with ESMTP id 5B29813C468 for ; Sun, 19 Aug 2007 05:03:28 +0000 (UTC) (envelope-from davidn04@gmail.com) Received: by wx-out-0506.google.com with SMTP id i29so824460wxd for ; Sat, 18 Aug 2007 22:03:27 -0700 (PDT) DKIM-Signature: a=rsa-sha1; c=relaxed/relaxed; d=gmail.com; s=beta; h=domainkey-signature:received:received:message-id:date:from:to:subject:mime-version:content-type:content-transfer-encoding:content-disposition; b=Q69wsHZeblt6zo8NQexepKaxgi5j300RQQxh2RbgFTd2KT1BvMApbn9fmQ5ot1AcG4tNoikbjasPjclaKe646uyJAO+ukRf4PjFYo4pZ07VxqH8oI7L3pFrECwPFuT/H5mZifYXDexY0WEVFr2DzH3wOeP1oZgo4CVgR3jPXgwE= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=beta; h=received:message-id:date:from:to:subject:mime-version:content-type:content-transfer-encoding:content-disposition; b=cCwha0pFU75LpoAm8tah+VXM6A14xzmcQPD0K65yF5hqUVDgzFhGY5S4cMakkbajY4VzHBF3tGW4DS2dH5Is9ksPW7sus+rgIPrjJaEECM6urtBWiWzqM3icOI7/8D2zV6V425jZMr5Gx8jz04k85s0NlboW+Kq+F3KussdqB84= Received: by 10.90.73.7 with SMTP id v7mr229566aga.1187498308178; Sat, 18 Aug 2007 21:38:28 -0700 (PDT) Received: by 10.90.89.13 with HTTP; Sat, 18 Aug 2007 21:38:28 -0700 (PDT) Message-ID: <4d7dd86f0708182138x49da1b49le12461fbae2b6298@mail.gmail.com> Date: Sun, 19 Aug 2007 14:38:28 +1000 From: "David N" To: freebsd-pf@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Content-Disposition: inline Subject: Port Forwarding to different address X-BeenThere: freebsd-pf@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Technical discussion and general questions about packet filter \(pf\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 19 Aug 2007 05:03:32 -0000 Hello, FreeBSD 6.2 I've been at this for an entire day and completely stumped. I'm trying to port forward from one port number to a different port number. I tried the normal port forwarding (same port number), that works. but when i try different ones it doesn't work. I know about the reflection problem, so I'm testing this via another remote machine. ext_if="ng0" int_if="re0" int_net="192.168.1.0/24" scrub in all nat on $ext_if from $int_net to any -> ($ext_if) rdr on $ext_if pro to tcp from any to any port 22011 -> 192.168.1.10 port 22 pass in all pass out all ---- Snip I've tried it with the same port, eg. rdr on $ext_if proto tcp from any to any port 22 -> 192.168.1.10 port 22 that works. But with the original rule i do ssh -p 22011 example.net ssh: connect to host example.net port 22011: Connection refused I've tried rdr on $ext_if pro to tcp from any to $ext_if port 22011 -> 192.168.1.10 port 22 with no luck as well I have net.inet.ip.forwarding: 1 I'm not quite sure what else to do. Regards David N