On Aug 7, 2004, at 03:05, Reza Muhammad wrote:
binat on $ext_if1 from $server_int to any -> server_ext
Why do you need this line? I'm currently doing a simply RDR (like you do further in your pf.conf) and have a PASS rule. Here are the relevant lines from my pf.conf:
[...]
rdr on $ext_all proto tcp from any to $out_ip port { 22 80 } -> \
$internal
[...]
pass in on $ext_all proto tcp from any to $internal port { 22 80 } \
flags S/SA keep stateBoth TCP ports 22 and 80 are redirected. I do not have a BINAT rule anywhere (the responses from $internal are taken care of by the NAT rule(s).)
