On Thu, 20 Jan 2011 11:51:34 +0100 Harald Dunkel <[email protected]> wrote:
> Hi folks,
>
> are the rdr-to and nat-to options in "pass" rules as sticky
> as for "match" rules?

No, "match" is what makes the options sticky. They are not sticky by themselves.

> Sample:
>
> pass in on $ext_if from any to 1.2.3.0/24 port 80 tag MYTAG rdr-to $host_a
> pass in on $ext_if from any to 1.2.3.42 port 80
>
>
> AFAIU traffic to 1.2.3.42 port 80 would be tagged with "MYTAG".
> Would it be redirected, too?

No, without "match" (or "quick") you are in the usual "last matching rule wins" territory. Packets "to 1.2.3.4 port 80" are handled by rule 2, so no "tag" or "rdr-to".

