9th November 2009
s2scott

Quote:
Originally Posted by sparker
rdr on $int_if proto tcp from any to any port 80 -> $webserver
rdr is a catch-and-pitch (receive on the outside and re-transmit on the inside); therefore, it likely should be:

Code:
rdr on $ext_if proto tcp from any to ($ext_if:0) port 80 -> $webserver
This alone is insufficient.

Code:
#
rdr on $ext_if proto tcp \
 from any to ($ext_if:0) port 80 \
 tag MYPORT80 -> $webserver
#
pass in log quick on $ext_if inet proto TCP \
 tagged MYPORT80 synproxy state
#
pass out log quick on $int_if inet proto TCP \
 tagged MYPORT80 keep state
#
/S

Last edited by s2scott; 9th November 2009 at 08:04 AM.
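An added example, not part of s2scott's post: the tagged rules from the post placed in a complete pf.conf, in the same rdr syntax the post uses. The interface names, the web server address and the default `block log all` policy are assumptions made for illustration; the commented-out rule at the end is the untagged equivalent, which has to match the translated destination because rdr is applied before filtering.

```pf
# Macros (constructed values, assumptions for this example)
ext_if    = "em0"            # outside interface
int_if    = "em1"            # inside interface
webserver = "192.168.1.10"   # internal web server

# Translation: catch port 80 on the outside address, tag the
# connection, and rewrite the destination to the web server.
rdr on $ext_if proto tcp \
 from any to ($ext_if:0) port 80 \
 tag MYPORT80 -> $webserver

# Assumed default-deny policy. With this in place the rdr rule alone
# passes nothing: the redirected packets still need pass rules.
block log all

# Inbound on the outside interface: pf completes the TCP handshake
# itself (synproxy) before contacting the web server.
pass in log quick on $ext_if inet proto tcp \
 tagged MYPORT80 synproxy state

# Outbound on the inside interface, toward the web server.
pass out log quick on $int_if inet proto tcp \
 tagged MYPORT80 keep state

# Untagged equivalent of the inbound rule. The filter sees the packet
# after rdr has rewritten it, so the destination is $webserver,
# not the outside address:
# pass in log quick on $ext_if inet proto tcp from any to $webserver port 80 synproxy state
```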