On Jul 15, 2004, at 23:33, Edvard Lauman wrote:
rdr on $ext_if inet proto tcp from any to ($ext_if) port 80 -> $web_srv port 80
The RDR command tells the filter to redirect the packet, but do you have any lines that tell the filter to pass the packet? I have the following rule to redirect ports 80 and 22 to an internal server:
rdr on $ext_all proto tcp from any to any port { 22 80 } -> $int_ipAnd further down in my pf.conf I have rules to actually allow the packets to pass through:
pass in on $ext_all proto tcp from any to $int_ip port 22 \
flags S/SA keep state
pass in on $ext_all proto tcp from any to $int_ip port 80 \
flags S/SA keep state
($ext_all is a macro for my external interfaces.)
