On 2012-07-09, Simon Perreault <[email protected]> wrote: > On 2012-07-09 10:17, Stuart Henderson wrote: >> On 2012-07-09, Fil DiNoto<[email protected]> wrote: >>> But i was wondering if I could achieve something that would work for >>> ALL the addresses behind the router as well without creating >>> individual rules for each address. Something like this: >>> >>> pass in on egress proto tcp from $location1 to any port ssh rdr-to >>> (original destination IP) port XXX22 >> >> nope. easiest option for this is probably a userland proxy. >> not sure but I reckon relayd can probably do it. > > Not even with a bitmask pool? > > pass ... rdr-to 0.0.0.0/0 port XXX22 bitmask > > Simon > >
Oh, that's twisted, I like it!
