Old 28th June 2011
Dr-D

Quote:
Originally Posted by BSDfan666 View Post
If I understand you correctly, you want hosts on the internal network accessing your local server using the domain name?

As jggimi stated, a method of configuring this could be to have your DNS serve the internal address to clients on the Internet network; however, the following should be adequate to rewrite requests from your LAN to your external IP and replace them with the address of your internal service.

Code:
match in on $int_if inet proto tcp from $int_if:network to (egress:0) \
port https rdr-to $websrv
That's exactly what I want but the line you provided above isn't working for me. I had to change the port to http since that is what the host is expecting. Here is the entire pf.conf with the new addition you gave.

Code:
# macros
int_if="xl0"
ext_if="xl1"
int_net="{ 192.168.0.0/24 }"
whs="192.168.0.50"
pc1="192.168.0.20"
pc2="192.168.0.21"
websrv="192.168.0.55"

# options
set block-policy drop
set loginterface $ext_if
set skip on lo

# match rules
match in all scrub (no-df)
## START NEW LINE ##
match in on $int_if inet proto tcp from $int_if:network to (egress:0) port http rdr-to $websrv
## END NEW LINE ##
match out on egress inet from !(egress) to any nat-to (egress:0)

# filter rules
block in log
pass out quick
antispoof quick for { lo $int_if }
pass in on egress inet proto tcp to (egress) port 80 rdr-to $websrv synproxy state
pass in on egress inet proto tcp to (egress) port 443 rdr-to $whs synproxy state
pass in on egress inet proto tcp to (egress) port 5900 rdr-to $pc1 synproxy state
pass in on egress inet proto tcp to (egress) port 5901 rdr-to $pc2 synproxy state
pass in log on $int_if
Does the code line you gave me also depend on inetd to be running with the proxy line added to it?
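An added example, not part of the thread: the redirect-only rule from the post beside a redirect-plus-reflection pair, following the "Redirection and Reflection" approach in the OpenBSD PF FAQ. It reuses the `int_if` and `websrv` macros from the posted pf.conf and assumes a pf version that supports `received-on`.

```pf
# Added example, not from the original post.
# Macros copied from the posted pf.conf.
int_if="xl0"
websrv="192.168.0.55"

# Redirect only (as posted, shown commented out). The destination is
# rewritten, but the source stays the LAN client's address. $websrv is on
# the same subnet, so it answers the client directly and the reply never
# passes back through pf. The client opened its connection to the external
# address and discards a reply arriving from 192.168.0.55.
#
# match in on $int_if inet proto tcp from $int_if:network to (egress:0) \
#     port http rdr-to $websrv

# Redirect plus reflection. The second rule rewrites the source of the
# redirected connection to the firewall's internal address as it leaves
# $int_if again, so $websrv replies to the firewall and pf reverses both
# translations on the way back.
#
# Both are written as match rules for the "# match rules" section: the
# posted ruleset has "pass out quick", which would end evaluation before
# a later "pass out ... nat-to" rule could be reached.
match in on $int_if inet proto tcp from $int_if:network to (egress:0) \
    port http rdr-to $websrv
match out on $int_if inet proto tcp to $websrv port http \
    received-on $int_if nat-to $int_if
```

With the reflection rule in place, the web server's access log records the firewall's internal address for every LAN client, so per-client attribution for internal requests has to come from pf's own logging.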