* jirib <ji...@devio.us> [2011-03-21 09:55]:
> On Sat, 19 Mar 2011 21:28:09 +0100
> Henning Brauer <lists-open...@bsws.de> wrote:
>
> > > it was working for me - rdr-to outbound to a daemon on the firewall
> > > itself, but I deleted that virtual machine...
> > > rdr-to is usually applied inbound. If applied
> > > outbound, rdr-to to a local IP address is not supported.
> > > I would put my hand in fire -- it was working :) I read the manpage
> > > but I don't get it, how could it work then?
> > pretty certain it could not have worked. the rdr-to in this case is
> > too late and the local/remote decision already taken.
> I understand I'm becoming annoying but it worked, but maybe I was on
> drugs... Unfortunately no evidence in hand now :) I tested like this:

might have run into a case where it works out of coincidence. I am not
going to track this down for you now.

> Any idea how to redirect outgoing traffic to local port?
> Would this be hard to add such functionality into PF? (I don't like
> such comparisons but it can be done on other OS.)

it is not a pf matter, it is in the stack and not feasible. no
interest here.

--
Henning Brauer, h...@bsws.de, henn...@openbsd.org
BS Web Services, http://bsws.de
Full-Service ISP - Secure Hosting, Mail and DNS Services
Dedicated Servers, Rootservers, Application Hosting