pf redirect problem

From: Timothy Beyer
Date: Thursday, September 2, 2010 - 12:38 pm

Hello,

I'm having trouble setting up a redirect rule and I'm not sure where I'm going
wrong.  My redirect line and filter rules look like:

rdr on $ext_nic proto tcp from any to 38.xxx.xxx.213 -> 192.168.1.227
pass in on $ext_nic proto tcp from any to 192.168.1.227 port ssh queue ssh
pass in on $ext_nic proto tcp from any to 192.168.1.227 port www queue www

The output of 'pfctl -s nat' is:

nat on fxp0 inet from 192.168.1.0/24 to any -> 38.xxx.xxx.206
nat on fxp0 inet from 192.168.2.0/24 to any -> 38.xxx.xxx.207
nat on fxp0 inet from 192.168.3.0/24 to any -> 38.xxx.xxx.208
nat on dc3 inet from 192.168.1.0/24 to any -> 192.168.10.156
nat on fxp0 inet from 192.168.10.15 to any -> 38.xxx.xxx.206
rdr on fxp0 inet proto tcp from any to 38.xxx.xxx.209 -> 192.168.1.16
rdr on fxp0 inet proto tcp from any to 38.xxx.xxx.210 -> 192.168.1.21
rdr on fxp0 inet proto tcp from any to 38.xxx.xxx.212 -> 192.168.1.12
rdr on fxp0 inet proto tcp from any to 38.xxx.xxx.211 -> 192.168.1.24
rdr on fxp0 inet proto tcp from any to 38.xxx.xxx.213 -> 192.168.1.227

All of the other redirects are working.  I see my filter rule in the output
from 'pfctl -s rules' but I can't connect via ssh from an external network
after reloading pf.conf.  Any insight would be very much appreciated.  I've
posted my full conf at http://pastebin.com/TZa0WzE0 if needed.

Thanks,

Tim

Messages in current thread:
pf redirect problem, Timothy Beyer, (Thu Sep 2, 12:38 pm)
Re: pf redirect problem, sven falempin, (Thu Sep 2, 2:05 pm)
Re: pf redirect problem, Timothy Beyer, (Thu Sep 2, 3:12 pm)
Re: pf redirect problem, Evgeniy Sudyr, (Thu Sep 2, 9:27 pm)