On 8/15/05, Matt Garman <[EMAIL PROTECTED]> wrote: > I'm guessing that this has something to do with redirects on the > target website. I'm pretty sure that directon.com is actually an > alias for some other URL. I'm thinking that the pf ruleset on the > OBSD box is not allowing this. > > I'm using the pf example from the OpenBSD FAQ: > > http://openbsd.org/faq/pf/example1.html > > Has anyone else seen this before? > > Thanks for any suggestions, > Matt
I was using this nat line: nat on $ext_if from $int_if:network to any -> $ext_if And it worked for maybe 95% of traffice but was there was subtle breakage due to the fact that I had more than one address assigned to ext_if. For some sites (some webmail, and aol instant messenger, possibly others I didn't notice) it caused problems because the traffic seemed to leave from one address and return to another. Chaning the line to nat on $ext_if from $int_if:network to any -> $ext_address Where, obviously ext_address is an ip address in my usable range as opposed to the name of the interface (xl0 in my case), solved the strange issues I was having. Not sure if you are having the same issue... Mike PS Thanks to the the person in #openbsd who pointed out to me that this has to do with Nat address pools: http://www.openbsd.org/faq/pf/pools.html#nat