View Single Post
  #4   (View Single Post)  
Old 24th March 2013
jggimi's Avatar
jggimi jggimi is offline
More noise than signal
 
Join Date: May 2008
Location: USA
Posts: 7,977
Default

Quote:
Originally Posted by petter View Post
pass in quick on $int_if proto tcp from any to any port 80 \
rdr-to 192.168.1.11 port 8080

it did not work, i lost my web connection...
You asked for traffic redirection. I have never used HAVP; however after your post about failure I Googled for a minute or two. HAVP is an HTTP Proxy, and could certainly be configured for use as an HTTP proxy in your client browsers, in the event you are unable to resolve this particular problem.
Quote:
..but i have also a webserver on my lan. does this cause troubles?
You have a conflict. The new redirection rule you added for the server at 192.168.1.11 conflicts directly with the redirection rule you already have for internal traffic headed outbound which you redirect to $wwwserver.

The new redirection rule is for any IP address with destination port 80. The existing redirection is for any $int_if traffic headed to $ext_if for destination ports 80 or 443 . These two rules will both match the same traffic, and the last matching rule will be used.

I can't tell which rule is first or last, as you have only posted your pf.conf in fragments.

I'm not sure why you were already redirecting all outbound external HTTP/S traffic to your $wwwserver. However, if you wish to do this and also direct the exact same packets to your HAVP server, there is dup-to, which will duplicate the packets. Is that what you had in mind?

It may help if you start by explaining what it is you are actually trying to accomplish, then I (and others) may be able to make suggestions for possible solutions for you to consider.
Reply With Quote