On 2019/12/16 13:44, Alexander Bluhm wrote: > On Sat, Dec 14, 2019 at 09:26:06PM -0500, Daniel Jakots wrote: > > My sshd doesn't listen on port 22 but I was too lazy to change it in my > > sshd config so I have a rule > > > > pass in [...] rdr-to 127.0.0.1 port ssh [...] > > A pf divert-to rule is better for this use case.
Note that the divert destination will need to be the address the socket is bound to, i.e. usually "pass in [...] divert-to 0.0.0.0 port ssh [...]" for sshd.
