https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=268717
--- Comment #15 from Kristof Provost <k...@freebsd.org> --- (In reply to dfr from comment #14) Right, but rdr very much expects to be used on inbound traffic only. I believe the relevant code to be in pf_get_translation(), where we only look at the RDR ruleset if direction != PF_OUT (i.e. it's PF_IN). So I think we have three choices: 1) extend nat (or binat) to be able to change the port and destination address (rather than source address). 2) teach rdr to work on PF_OUT 3) Build on the work in https://reviews.freebsd.org/D38025 and use OpenBSD's rdr-to, where the man page at least seems to suggest it can also work out outbound traffic. -- You are receiving this mail because: You are the assignee for the bug.
