One of our internal customers asked me to set up a bypass rule for some outbound SMTP tests so that they could send to a specific high port (e.g. 60025) and have it redirect to port 25 on the same target. I feel like I'm overlooking something obvious, but I don't see any way to do this with nat or rdr. This feels like some sort of hybrid nat/rdr function. Example connection:

10.0.0.20:1025 -> 1.2.3.4:60025

becomes...

10.0.0.20:1025 -> <fw_ext>:2048 -> 1.2.3.4:25

This customer does a lot of messaging tests, so it's important for them to be able to send from any of their test systems to a variety of external vendor systems to test compliance. Using a designated "bypass port" will make it easy on them to test with any of their systems. If there's no way to do this with PF we'll just have to set aside a pool of addresses to bypass the existing SMTP filters instead.

Thanks,

--
Jason Dixon
DixonGroup Consulting
http://www.dixongroup.net/

