On 6/11/05, Graham Gower <[EMAIL PROTECTED]> wrote:
> > > rdr on $int_if inet proto tcp from $int_net to any port ftp ->
> > > 127.0.0.1 port 8021
> >
> > this works only for packets that *come to* OpenBSD box to be
> > routed, not the packets that are *originated* at the OpenBSD box.
>
> Are you by chance using a rule such as:
> rdr on $int_if inet proto tcp from ($int_if) to any port foo -> bar
> instead of:
> rdr on $int_if inet proto tcp from !($ext_if) to any port foo -> bar
> ?

for my experiments i was using the following:

rdr on $ext_if inet proto tcp from any to any port 8022 -> \
127.0.0.1 port 4444

but connections from the very box that does this rdr are
not caught by this rule. this is because, i believe, the rdr-s
are done from ip_input(). i see that i need to do the famous
"use the source, luke". being a slacker, i hoped somebody
who knows the answer would eventually read my question
and save me for further slacking... alas :-)

> Graham