You'll need to set up a NAT Port Forward rule that looks like this:

If   Proto  Ext Port Range  NAT IP           Int. Port Range    Description
LAN  TCP    25 (SMTP)       <mailserver IP>  <mailserver PORT>  Redirect SMTP traffic to mail server

The problem is this. Your mail server *also* resides on the LAN interface. After processing the mail and trying to send it outbound, it too will be caught by the NAT redirect for the interface and will end up looping mail through itself. The only way around this is to place your mail server on a different interface. Unfortunately, I don't believe it is possible to do this sort of traffic redirection through pfSense at the IP/Subnet/block level, only a per interface level.

Tim Nelson
Systems/Network Support
Rockbochs Inc.
(218)727-4332 x105

----- "Joel Robison" wrote:

> Hello All,
>
> I was wondering if anyone here would be able to give me some pointers in context of traffic redirection. What I am attempting (and failing at I should add) to do is redirect all SMTP traffic from the LAN to another machine on the LAN interface for mail processing with a given set of rules I have created for the postfix instance (Think DLP reasons). Essentially this should be no different than setting up a transparent proxy server with squid (redirecting all web traffic to another server before it egresses the firewall). I know that at some point I have used PFSense to do the latter, but as I mentioned before I am failing, as the rule I have added to the LAN tab never gets hits.
>
> Here is the rule:
>
> Proto    Source   Port  Destination  Port       Gateway  Schedule  Description
> TCP/UDP  LAN net  *     10.10.1.151  25 (SMTP)  *
>
> Any ideas what it is that I am NOT doing? or that I am doing wrong?
>
> -Joel
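
The loop described in the reply above can be modelled in a few lines. This is an added example, not part of the original thread and not pfSense code: it assumes a redirect that matches only on ingress interface and destination port, and the client address, the OPT1 interface name, the 10.10.2.151 address and the remote MX address are constructed for illustration.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Redirect:
    iface: str        # interface the port forward is bound to
    dport: int        # destination port it matches
    target_ip: str    # NAT IP
    target_port: int  # internal port

def apply_redirect(rules, in_iface, dst_ip, dport):
    """First rule bound to the ingress interface and port rewrites the
    destination. The source address is never consulted, which is the
    per-interface limitation the reply describes."""
    for r in rules:
        if r.iface == in_iface and r.dport == dport:
            return r.target_ip, r.target_port
    return dst_ip, dport

def trace_delivery(rules, host_iface, client, remote_mx, max_hops=5):
    """Follow one message: the client connects to remote_mx:25, and any
    host that receives it relays it onward to remote_mx:25."""
    sender, path = client, []
    for _ in range(max_hops):
        dst, _port = apply_redirect(rules, host_iface[sender], remote_mx, 25)
        path.append((sender, dst))
        if dst == remote_mx:
            return "delivered", path
        if dst == sender:          # relay was redirected back to itself
            return "loop", path
        sender = dst               # the relay processes and re-sends
    return "loop", path

CLIENT = "10.10.1.50"       # constructed LAN client
REMOTE_MX = "203.0.113.25"  # constructed external mail exchanger

def same_interface():
    mail = "10.10.1.151"    # mail server on LAN, as in the thread
    rules = [Redirect("LAN", 25, mail, 25)]
    return trace_delivery(rules, {CLIENT: "LAN", mail: "LAN"}, CLIENT, REMOTE_MX)

def separate_interface():
    mail = "10.10.2.151"    # constructed address on a second interface
    rules = [Redirect("LAN", 25, mail, 25)]
    return trace_delivery(rules, {CLIENT: "LAN", mail: "OPT1"}, CLIENT, REMOTE_MX)

if __name__ == "__main__":
    print(same_interface())
    print(separate_interface())
```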
