On Sun, 15 Dec 2019 15:17:26 +0100, Alexandr Nedvedicky <alexandr.nedvedi...@oracle.com> wrote:
> > Should the rdr-to rule still work? I fixed it by using the "Port
> > foo" directive in my sshd config (and a simple "pass in to port
> > foo") in the meantime.
>
> My earlier change indeed omits your use case. The rdr rule should
> still work. Patch below should fix it. The idea is to check whether
> the packet got NATed to loopback. We let the packet in if it got
> changed by PF.

That makes sense. I confirm your diff makes rdr-to 127.0.0.1 work again, thanks!

> OK ?

ok danj@

Cheers,
Daniel