|
|||
Problem with PF
Dear,
I have the following rules on the link below for a test environment. http://pastebin.com/BGHQvfRu All IPs, with the exception of 192.168.50.4 are redirected to the proxy on port 8080. I wonder how do I get requests coming from IP 192.168.50.2 on port 80 and 443 bound for 200.200.200.200, are not redirected to port 8080. Below the proxy rules, I tried the following rule and not worked. Code:
match in on $INT_INTERNAL proto tcp from 192.168.50.2 to 200.200.200.200 port { 80 443 } Last edited by ocicat; 6th August 2015 at 02:05 PM. Reason: Please use [code] & [/code] tags when posting configurations. |
|
|||
Please provide the output of the following command:
$ sysctl kern.version
|
|
|||
root@srv01~# sysctl kern.version
Quote:
|
|
|||
It would be a bug?
|
|
|||
jggimi,
then you are saying to use Quote:
Quote:
|
|
||||
Basically, yes. But you will need to revise your later pass rules, as last-matching-rule will apply.
A match rule is used to set options for later block/pass rules. These are commonly used for broad application, such as for NAT, or logging. The match rules are less helpful for this particular use-case. |
|
|||
Quote:
Quote:
I honestly do not know what else to do. |
|
||||
The quick option can help you locate your error.
If you add a quick option to the third rule, and the platform at 192.168.50.2 no longer uses the proxy, there is a follow-on rule which matches this traffic, overriding the third rule. This is because the quick option is used to end further rule evaluation. If the quick option does not change behavior, then there are two possibilities: 1) either the rule does not match the traffic, or, 2) you have a match rule in the ruleset that is setting the rdr-to option. If you enable logging for your rules, you can use tcpdump(8) with pflog(4) to see exactly which rule is being applied to the traffic. |
|
|||
Sorry for not answering before. I completely forgot ...
Your suggestion to quick work. Shifted in the position of some rules and the environment worked correctly. Thank you!! |
Thread Tools | |
Display Modes | |
|
|
Similar Threads | ||||
Thread | Thread Starter | Forum | Replies | Last Post |
Boot problem. Geometry problem? | gulanito | FreeBSD Installation and Upgrading | 0 | 3rd July 2009 03:03 AM |