Hi folks, In the example for the rdr-to and nat-to combination in the pf FAQs it seems that the http traffic is redirected back through the incoming interface:
pass in on $int_if proto tcp from $int_net to $ext_if port 80 \ rdr-to $server pass out on $int_if proto tcp to $server port 80 \ received-on $int_if nat-to $int_if $server seems to be a member of $int_if:network, AFAICS. According to the man page this won't work: "Redirections cannot reflect packets back through the interface they arrive on, they can only be redirected to hosts connected to different interfaces or to the firewall itself." Which one is right? Any helpful comment would be highly appreciated. Regards Harri
