Merging pf redirection rules with macros?

pekka Sat, 19 Jan 2013 15:09:10 -0800

Hi,

is there a way to shorten these redirection rules with some macros


server1 = 192.168.140.1
server2 = 192.168.140.2
server3 = 192.168.140.3
server4 = 192.168.140.4
rdp_port1 = 10001
rdp_port2 = 10002
rdp_port3 = 10003
rdp_port4 = 10004

pass in log on $ext_if proto tcp from any to $ext_if port $rdp_port1 \rdr-to $server1 port 3389pass in log on $ext_if proto tcp from any to $ext_if port $rdp_port2 \rdr-to $server2 port 3389pass in log on $ext_if proto tcp from any to $ext_if port $rdp_port3 \rdr-to $server3 port 3389pass in log on $ext_if proto tcp from any to $ext_if port $rdp_port4 \rdr-to $server4 port 3389


The port number is always "server number + 10000"

The manual says port ranges are supported with:

pass in on tl0 proto tcp from any to any port 10001:10004 \
   rdr-to 192.168.140.1 port 3389

but is there a way to use similar accemding ordering for "servers"
somehow like this:

pass in on tl0 proto tcp from any to any port 10001:10004 \
   rdr-to "192.168.140.1":"192.168.140.4" port 3389

-pekka-

Merging pf redirection rules with macros?

Reply via email to