On 2012-07-09, Fil DiNoto <fdin...@gmail.com> wrote:
> I am trying to achieve something I thought would be simple, but
> haven't had any luck.
>
>
> I have an OpenBSD 5.0 router/firewall with public IP X.X.X.A
>
> Behind it are a mix of OpenBSD and Linux systems, all with public IP. NO NAT.
>
> I run ssh on an alternate port, XXX22. However, from a certain
> location I am dealing with a firewall that will not allow outbound
> connections on XXX22, only on 22.
>
> I have already set up a rule like this, and it works:
>
> pass in on egress proto tcp from $location1 to any port ssh rdr-to X.X.X.A port XXX22
>
> But I was wondering if I could achieve something that would work for
> ALL the addresses behind the router as well without creating
> individual rules for each address. Something like this:
>
> pass in on egress proto tcp from $location1 to any port ssh rdr-to (original destination IP) port XXX22
>
>

nope. easiest option for this is probably a userland proxy.
not sure but I reckon relayd can probably do it.
