hamba, 29th May 2009

Hi

If you want to connect directly to your firewall you don't need a reply-to rule. The reply-to rule only applies when you are using rdr rules to access servers behind the firewall.

You can use reply-to as follows:
Code:
rdr on $ext_if1 proto tcp from any to $ext_if1 port 22 -> 10.100.100.104

pass in quick on $ext_if1 reply-to ($ext_if1 $ext_gw1) proto tcp from any to 10.100.100.104 port = 22
You can try a normal pass in rule on ext_if2:
Code:
pass in log quick on $ext_if2 inet proto tcp from 94.237.82.251 to $ext_if2 port = 8081
Add this rule somewhere high up in your pf.conf, before the reply-to and route-to rules.

Last edited by hamba; 29th May 2009 at 07:33 PM.