Hi list.
I've installed OpenBSD 4.7 and seen the upgrade guide with different
changes. My question is about redirect rules.
before the update a redirect rule was:
rdr on $int from $int:network to any port ftp -> 127.0.0.1 port 8021
but with 4.7 update the thing has changed.
Now a valid rule for rdr is:
a) pass in on $int from $int:network to any port ftp rdr-to 127.0.0.1
port 8021
b) match in on $int from $int:network to any port ftp rdr-to 127.0.0.1
port 8021
my questions are:
the "a" rule is the same of a rdr (openbsd 4.6) rule with the pass keyword?
the "b" rule is the same of a rdr (openbsd 4.6) rule without the pass
keyword?
and then using "b" rule, I must add a pass rule for a service (suppose
http) such as with the old rdr rule?
What is the best solution?
Using the match rule with other filter rules for all redirect?
Using the pass rule with redirect for all redirect?
Using the match rule for redirect such as rdr on squid-proxy or
ftp-proxy with filter rules and the pass rdr rule for services?
thanks in advance
