
List:       openbsd-pf
Subject:    reply-to/rdr interaction
From:       Joe Nall <joe () nall ! com>
Date:       2002-12-31 21:50:54

I have a private IP test web server that I'm redirecting port 210
(z3950) on my test box to with the following rdr rule:

rdr proto tcp from any to rl0 port z3950 -> $webserver port 80

with a corresponding pass through rule

pass in log on rl0 reply-to ( rl0 $router_ip ) inet proto tcp from any to $webserver port 80 flags S/FSRPAU keep state

The reply-to is required because the default route is on dc0 (dhcp 
cable modem).

Selective tcpdumps show the packets arriving on rl0 and being redirected
to the webserver on rl1. The response from the webserver comes back in
on rl1 and then disappears. The reply-to rules set up for tcp/udp
services provided by the test box appear to be working correctly. Am I
missing a piece of the puzzle or is the rdr/reply-to interaction
incomplete?

This reply-to stuff is very slick. I have a dsl & cable modem hookup with
mail/www/vpn on a static IP address on the dsl interface and a default
route out the cable modem (it is twice as fast).

joe
