Date: Wed, 29 Mar 2017 23:06:37 +0200 From: "Kristof Provost" <kristof@sigsegv.be> To: "David Mehler" <dave.mehler@gmail.com> Cc: freebsd-questions <freebsd-questions@freebsd.org> Subject: Re: Two pf questions Message-ID: <AE749152-1207-469C-B0B3-84515187ED8C@sigsegv.be> In-Reply-To: <CAPORhP4JA_Jak7fL8Ko7wwoxGob=qLDzPLxtTgekoumqQJEGmA@mail.gmail.com> References: <CAPORhP4JA_Jak7fL8Ko7wwoxGob=qLDzPLxtTgekoumqQJEGmA@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On 27 Mar 2017, at 16:37, David Mehler wrote: > My second question is one of nat reflection is the term. I've got a > jail running a service on port 8000. I've got external redirect rules > and pass rules passing in the traffic. The problem is I've got need to > get access to that machine port 8000 on the host machine. > > I try something like ssh user@xxx.xxx.xxx.xxx -p 8000 > Presumably you’ve got a rule like this: rdr on $ext_if proto tcp from any to any port 8000 -> $jail port 80 Add something like rdr on $int_if proto tcp from $localnet to ($ext_if) port 8000 -> $jail port 80 Regards, Kristof
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?AE749152-1207-469C-B0B3-84515187ED8C>