Quote:
Originally Posted by jggimi
Basically, yes. But you will need to revise your later pass rules, as last-matching-rule will apply.
A match rule is used to set options for later block/pass rules. These are commonly used for broad application, such as for NAT, or logging.
The match rules are less helpful for this particular use-case.
Using
Quote:
pass in on $INT_INTERNAL proto tcp from <NOPROXY> to any port 80 rdr-to $HOST_PROXY port 8080
pass in on $INT_INTERNAL proto tcp from <NOPROXY> to any port 443 rdr-to $HOST_PROXY port 8080
pass in on $INT_INTERNAL proto tcp from 192.168.50.2 to 200.200.200.200 port { 80 443 }
All network IPs pass off the proxy.
I honestly do not know what else to do.