On Jul 8, 2009, at 6:27 PM, Erich Weiler wrote:
Thanks Bart!
It almost works... Now it seems to redirect ALL traffic with a dest
port of 22 to port 1000, not just traffic from 10.1.1.1. My files
look like this:
ipnet.conf:
rdr e1000g1 0.0.0.0/0 port 22 -> 192.168.1.1 port 1000 tcp
The 0.0.0.0/0 stands for all addresses.
ipf.conf:
block in on e1000g1 all
pass in on e1000g1 proto tcp from 10.1.1.1 to 192.168.1.1 port = 22 flags S keep state
pass in on e1000g1 all
Maybe I made a typo somewhere?
Use quick on the second line:
pass in quick on e1000g1 proto tcp from 10.1.1.1 to 192.168.1.1 port = 22 flags S keep state
Quick tells ipfilter to run that line immediately and pass that
traffic in.
Remove the third line since it defeats the purpose of the first line.
--
Randy
OS X - UNIX for the rest of us
NetBSD - It's Explosive!
Marten - Prograph for OS X. Yes!
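
Added example, not part of the original message: a small Python model of ipfilter's rule evaluation (the last matching rule decides unless a rule is marked quick), run over the rule sets discussed above. The rule tuples, packet fields and the 203.0.113.7 source are constructed for illustration; NAT and "flags S keep state" are not modelled.

```python
from ipaddress import ip_address, ip_network

# Constructed model of the ipf.conf rules in this thread:
# (action, quick, proto, src, dst, dport); None means "any".
# Simplification: NAT and "flags S keep state" are not modelled.
ANY = "0.0.0.0/0"
BLOCK_ALL = ("block", False, None, ANY, ANY, None)
PASS_SSH = ("pass", False, "tcp", "10.1.1.1/32", "192.168.1.1/32", 22)
PASS_SSH_QUICK = ("pass", True) + PASS_SSH[2:]
PASS_ALL = ("pass", False, None, ANY, ANY, None)

ORIGINAL = [BLOCK_ALL, PASS_SSH, PASS_ALL]          # as first posted
QUICK_ONLY = [BLOCK_ALL, PASS_SSH_QUICK, PASS_ALL]  # quick added, line 3 kept
FIXED = [BLOCK_ALL, PASS_SSH_QUICK]                 # quick added, line 3 removed


def matches(rule, pkt):
    _, _, proto, src, dst, dport = rule
    return ((proto is None or proto == pkt["proto"])
            and ip_address(pkt["src"]) in ip_network(src)
            and ip_address(pkt["dst"]) in ip_network(dst)
            and (dport is None or dport == pkt["dport"]))


def evaluate(rules, pkt):
    """Return (action, 1-based number of the deciding rule)."""
    decision = None  # every rule set here starts with a match-all block
    for number, rule in enumerate(rules, start=1):
        if matches(rule, pkt):
            decision = (rule[0], number)   # a later match overrides an earlier one
            if rule[1]:                    # quick: stop at this rule
                break
    return decision


def packet(src, dport=22):
    # Constructed inbound TCP packet; fields are the ones the rules match on.
    return {"proto": "tcp", "src": src, "dst": "192.168.1.1", "dport": dport}


if __name__ == "__main__":
    for name, rules in [("original", ORIGINAL), ("quick only", QUICK_ONLY), ("fixed", FIXED)]:
        for src in ("10.1.1.1", "203.0.113.7"):  # 203.0.113.7: constructed outside host
            print(f"{name:10} src={src:12} -> {evaluate(rules, packet(src))}")
```

In this model the outside host is still passed by rule 3 when only quick is added; it is blocked once the third line is removed.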