I have come up w/ this pass in quick on pppoe0 dup-to ( re0_vlan201 192.168.100.2/32 ) inet proto udp from any port 5060 to any
I have an ATA device making a sip connection from the LAN to IP on the internet port 5060 udp. I want to be able to duplicate packets that travel inbound on that connection to a different host to examine/log missing some basic understandning I think. am I on the right track? On Wed, Feb 25, 2015 at 12:27 PM, Manojav Sridhar <[email protected]> wrote: > pfS Gurus! > > I gather the UI has no ability to add dup-to rules for pf. I am happy to > edit the filter.inc, but I am not sure where I should edit this to add my > dupto rule. I am trying to replicate this iptables rule > > iptables -t mangle -A POSTROUTING -p udp -d 192.168.100.0/23 -m string > --string "INVITE sip:" --algo kmp -j ROUTE --tee --gw 192.168.100.2 > > that I had running on my wrt based router. This is only bit of > functionality that I am having replicating with my move from tomato to > pfSense. This basically duplicates or "tees up" sends SIP invite packets > to a specific host. I know the string matching might be harder to do > (should still be possible using an L7 pattern, will get there in a bit) > > for the moment I will edit the rules.debug and reload the filter to test > out the rule. > > Any ideas as to where to start editing the filter.inc? > > Thanks all > Manoj > >
_______________________________________________ pfSense mailing list https://lists.pfsense.org/mailman/listinfo/list Support the project with Gold! https://pfsense.org/gold
