Hello, and welcome!
The major syntax changes that including changing the
"rdr" directive to "
rdr-to" occurred with the release of OpenBSD
4.7. The two releases supported at this time are
5.3 and 5.4.
From the pf.conf(5) man page for OpenBSD 4.6, the "no rdr" sytax was shown in this example:
Code:
In the example below, packets bound for one specific server, as well as
those generated by the sysadmins are not proxied; all other connections
are.
no rdr on $int_if proto { tcp, udp } from any to $server port 80
no rdr on $int_if proto { tcp, udp } from $sysadmins to any port 80
rdr on $int_if proto { tcp, udp } from any to any port 80 \
-> 127.0.0.1 port 80
The syntax was simplified. With
rdr-to directives usable with either pass or match rules, the equivalent to the
no rdr rule is not needed. Here is the same example, from the 5.4 version of the same man page:
Code:
In the example below, packets bound for one specific server, as well as
those generated by the sysadmins are not proxied; all other connections
are.
pass in on $int_if proto { tcp, udp } from any to any port 80 \
rdr-to 127.0.0.1 port 80
pass in on $int_if proto { tcp, udp } from any to $server port 80
pass in on $int_if proto { tcp, udp } from $sysadmins to any port 80