> -----Original Message----- > From: Bill Marquette [mailto:[EMAIL PROTECTED] > Sent: 06 June 2006 14:20 > To: [email protected] > Subject: Re: [pfSense Support] port forwarding > > On 6/6/06, Angelo Turetta <[EMAIL PROTECTED]> wrote: > > I think filtering both before and after NAT is out of scope > (pf is not > > designed to do that). > > correct > > > What could be easily done to alleviate 'the missing' would > be to add to > > the 'rdr' UI the possibility to specify the FROM part of > the rule. If > > you look at your /tmp/rules.debug yuo'll see that rdr rules are > > specified as follows: > > > > rdr on vlan0 proto tcp from any to x.y.w.z/32 port {80 443} > -> a.b.c.d > > > > The part 'from any to' is added by filter.inc Allowing the user to > > specify a source would allow to translate only some of the > packets, with > > the remainder matching some following NAT rules or being passed > > untranslated to the filter. I don't know whether the rdr > rules syntax > > allows 'from' to contain an alias, or a list of values. > > Yep, exactly what we're talking about. And it certainly does. > > --Bill >
So do you set these up as virtual IP's then? Or is it a recent change (im still on RELENG_1_SNAPSHOT_03-26-2006). --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
