Stupid pf tricks

From WTFwiki

Revision as of 13:35, 3 October 2007 by Jontow (talk | contribs) (add pf proxy)

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)

Jump to navigation Jump to search

"pf proxy"

(Customer) <--> [E](pf proxy)[I] <--> (Destination:D)

E: "ext_if", customer-facing interface, IP: 1.2.3.4
I: "int_if", destination-facing interface, IP: 2.3.4.5
D: destination IP: 5.6.7.8

 ext_if="fxp0"
 int_if="fxp1"

 dest_real="5.6.7.8"
 dest_fake="2.3.4.5"

 rdr on $ext_if from any to $dest_fake -> $dest_real
 nat on $int_if from any to $dest_real -> ($int_if)

ORDER OF rdr/nat RULES IS IMPORTANT, SOMEHOW.

Retrieved from "http://wtf.hijacked.us/wiki/index.php?title=Stupid_pf_tricks&oldid=596"