Re[3]: match keyword in pf for "no" action

pavel pocheptsov Sat, 22 Jan 2011 01:11:23 -0800

Fri, 21 Jan 2011 23:14:05 +0200 ohq|ln nr Destan YILANCI <[email protected]>:


Hi,

Use quick keyword and pass packets from <spamd-bypass> table to smtp service. 
At the second rule redirect packets from any source to spamd port.


2011/1/21 pavel pocheptsov <[email protected]>
I know about changes in PF sintax:
###################################################
   nat on $ext_if from 10/8 -> ($ext_if)
   rdr on $ext_if to ($ext_if) -> 1.2.3.4becomes
   match out on $ext_if from 10/8 nat-to ($ext_if)
   match in on $ext_if to ($ext_if) rdr-to 1.2.3.4
####################################################

and all is work fine.
but how to use previosly used:

"no rdr on $ext_if inet proto tcp from <spamd-bypass> to port smtp"

actually how to use "no" key for nat and rdr rules?
I do this to connect goodgays directly to sendmail in next pass-rule.


So, I need to do this:

match in on $ext_if proto tcp from any to $ext_if port smtp rdr-to 127.0.0.1 
port spamd
pass in quick on $ext_if proto tcp from <spam-bypass> to $ext_if port smtp

instead of pvevios syntax:

no rdr on $ext_if inet proto tcp from <spamd-bypass> to $ext_if  port smtp
rdr on $ext_if inet proto tcp from any to $ext_if port smtp -> 127.0.0.1 port 
spamd
pass on $ext_if inet proto tcp from any to $ext_if proto smtp

Re[3]: match keyword in pf for "no" action

Reply via email to