Hi, A quick read of your rule below pass in quick on any proto tcp from any to any port 80 rdr-to 192.168.2.21 port 8801
seems way too general try this instead pass in quick on any proto tcp from any to 192.168.2.5 port 80 rdr-to 192.168.2.21 port 8801 and see how you get on ... On Thu, 20 Dec 2018 at 00:13, Flipchan <[email protected]> wrote: > > Hello all, > > I am trying to get packets(/curl -v) to go 192.168.2.4 > 192.168.2.5:80 > > 192.168.2.21:8801 > > > > .5 middle host | cat /etc/pf.conf > > > set skip on lo > > block return # block stateless traffic > pass # establish keep-state > > > pass in quick on any proto tcp from any to any port 80 rdr-to 192.168.2.21 > port 8801 > pass out quick on any proto tcp from 192.168.2.21 > > block return in on ! lo0 proto tcp to port 6000:6010 > > # Port build user does not need network > #block return out log proto {tcp udp} user _pbuild > > > > the connection just times out, what am i missing? > > > .4host$ ifconfig > lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> mtu 32768 > index 3 priority 0 llprio 3 > groups: lo > inet6 ::1 prefixlen 128 > inet6 fe80::1%lo0 prefixlen 64 scopeid 0x3 > inet 127.0.0.1 netmask 0xff000000 > em0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500 > lladdr 2c:40:0a:7d:1c:4d > index 1 priority 0 llprio 3 > groups: egress > media: Ethernet autoselect (1000baseT full-duplex) > status: active > inet 192.168.2.5 netmask 0xffffff00 broadcast 192.168.2.255 > enc0: flags=0<> > index 2 priority 0 llprio 3 > groups: enc > status: active > pflog0: flags=141<UP,RUNNING,PROMISC> mtu 33136 > index 4 priority 0 llprio 3 > groups: pflog > $ > > > i tried a syntax suggestion in on the bottom page of: > https://www.openbsd.org/faq/pf/rdr.html > without any luck... > > > i am just getting timeouts here, does anyone know how i could solve this? > > > Take Care > Sincerely > flipchan -- Kindest regards, Tom Smyth Mobile: +353 87 6193172 The information contained in this E-mail is intended only for the confidential use of the named recipient. If the reader of this message is not the intended recipient or the person responsible for delivering it to the recipient, you are hereby notified that you have received this communication in error and that any review, dissemination or copying of this communication is strictly prohibited. If you have received this in error, please notify the sender immediately by telephone at the number above and erase the message You are requested to carry out your own virus check before opening any attachment.
