Thanks for the tcpdump switches. I don't know what was going on with
the switches that I was using, but when I used yours, I started to get
debugging info, which revealed some strange behaviour.
From there I started to re-read (again) the docs and found and tried
TCP Proxying which worked like a charm.
Next time I'll try to keep my posted rules to a minimum as requested.
Thanks for the help.
best regards,
Reid
--- Stuart Henderson [EMAIL PROTECTED] wrote:
On 2006/02/26 14:13, Reid Nichol wrote:
inet -- andrew -- xander
|
users
Everything is working, NAT, RDR for the other stuff, just not the
web
server. I've tried some variations for rdr used rdr pass, etc, but
nothing in the logs. I use:
a simple 'tcpdump -n port 80' on xander will show if the packets
arrive
there or not.
Here is andrews pf.conf:
rdr pass on $ext_if proto tcp from any to any port 80 - $xander
port 80
I couldn't identify whether you were using the 'log' rules to debug
where a basic problem with the redirect lies, or whether the problem
is
that the logging isn't working. But this creates an implicit 'pass'
rule
so if it's the latter, you probably wanted to write 'rdr pass log'.
Just my #0.02, but it's quite a complex ruleset to be looking at
while
debugging a problem. You might want to simplify and just use the bare
minimum rules for the problem you're trying to fix. It might help
illuminate the problem and, even if it doesn't, it's easier for
people
to help if they have fewer rules to read.
Tired of spam? Yahoo! Mail has the best spam protection around
http://mail.yahoo.com