I have a fresh install of OpenBSD 4.5 on i386.
I am trying to redirect port 443 (SSL) from the Internet to a Windows 2003
Server.
The pf.conf rule is:
rdr pass on $ext_if proto tcp to port 443 -> 192.168.105.2 port 443
From a remote machine, I am unable to access the server using SSL:
$ telnet server 443
Trying server...
telnet: connect to address x.x.x.x: Connection timed out
Yet another rule that redirects port 1443 to port 443 works:
rdr pass on $ext_if proto tcp to port 1443 -> 192.168.105.2 port 443
$ telnet server 1443
Trying server...
Connected to server.
Escape character is '^]'.
Likewise, https://server fails and https://server:1443 works.
But I need port 443.
(server is replacing the actual FQDN)
---------------------------------------------------------------------------------
# cat /etc/pf.conf
ext_if="rl0"
int_if="msk0"
set skip on lo
scrub in
nat-anchor "ftp-proxy/*"
rdr-anchor "ftp-proxy/*"
nat on $ext_if from !($ext_if) -> ($ext_if:0)
rdr pass on $ext_if proto tcp to port 443 -> 192.168.105.2 port 443
rdr pass on $ext_if proto tcp to port 1443 -> 192.168.105.2 port 443
rdr pass on $int_if proto tcp to port ftp -> 127.0.0.1 port 8021
anchor "ftp-proxy/*"
block in log
pass out
pass quick on $int_if no state
antispoof quick for lo
pass in on $ext_if proto tcp to ($ext_if) port ssh
---------------------------------------------------------------------------------