I was just having this problem last night and just found the solution
in the pf faq
you may want to look here.
http://www.openbsd.org/faq/pf/rdr.html#reflect
The bottom of this page describes 3 seperate approaches for doing what
you want to do.
On 11/30/05, Elijah Savage <[EMAIL PROTECTED]> wrote:
> Peter N. M. Hansteen wrote:
> > Elijah Savage <[EMAIL PROTECTED]> writes:
> >
> >
> >> #pass traffic from the net to internal host
> >> pass in on $ext_if proto tcp from any to $www_mail port 25 flags S/SA
> >> synproxy state
> >> pass in on $ext_if proto tcp from any to $www_mail port $web_ports flags
> >> S/SA synproxy state
> >>
> >
> > hm. looks like you may have copied my incomplete tutorial rule set.
> > You either need to pass on $prv_if as well or say simply
> >
> > pass proto tcp from any to $www_mail port 25 flags S/SA synproxy state
> > pass proto tcp from any to $www_mail port $web_ports flags S/SA synproxy
> > state
> >
> > I probably should update that part of the tutorial.
> >
>
> Peter I actually have not seen your tutorial but I will try to google
> read it, I actually took this from my 3.6 box which obviously I need to
> revist the pf.conf I copied off of it because I definitely did not get
> all the pieces I needed copied over. The old file was so huge and a lot
> of stuff was not needed so I was going to start fresh with the basic
> services then build up to get more secure.
>
> Thank you Peter.
>
