man pf.conf xl1 represents all the IPs on x1 so either use the IP specifically or use xl1:0
David Newman wrote: > Looking for guidance on pf and aliases. I have an OBSD 3.8 box running > pf in front of two SMTP servers. > > Here's my setup: > > > Net -> 1.2.3.4---------> pf box -> box1 9.8.7.6 > 1.2.3.5 (alias)-> -> box2 9.8.7.7 > > > Problem is, pf sends all requests to box1, even those addressed to > 1.2.3.5. > > Here are the relevant bits from pf.conf: > > ExtIf=xl1 > ExtIfa="1.2.3.5" > IntIf=xl0 > > box1="9.8.7.6" > box2="9.8.7.7" > > nat on $ExtIf from $IntIf:network to any -> ($ExtIf) > > rdr on $ExtIfa inet proto tcp from any to $ExtIfa port 25 -> $box2 > rdr on $ExtIf inet proto tcp from any to $ExtIf port 25 -> $box1 > > pass in quick on $ExtIfa proto tcp from any to $box2 \ > port 25 flags S/SA keep state > pass in quick on $ExtIf proto tcp from any to $box1 \ > port 25 flags S/SA keep state > > Again, I'm looking to get requests to two public addresses mapped to > two private addresses. Right now, everything goes to the box1.
