Quote:
Originally Posted by sparker
rdr on $int_if proto tcp from any to any port 80 -> $webserver
|
rdr is a catch-and-pitch (receive on the outside and re-transmit on the inside); therefore, it likely, it should be,
Code:
rdr on $ext_if proto tcp from any to ($ext_if:0) port 80 -> $webserver
This alone is insufficient.
Code:
#
rdr on $ext_if proto tcp \
from any to ($ext_if:0) port 80 \
tag MYPORT80 -> $webserver
#
pass in log quick on $ext_if inet proto TCP \
tagged MYPORT80 synproxy state
#
pass out log quick on $int_if inet proto TCP \
tagged MYPORT80 keep state
#
/S