Hi Nick,
Thanks. I applied both rules below, unfortunately I am still only hitting rule number #1 (rdr-to). nat-to is never reached (added "log" on each to test). I tried inverting the order, too, but no luck. #1 match in on $ext_if proto tcp from <spammers> to ($ext_if) port 25 \ rdr-to 200.200.200.200 port 2222 #2 match out on $ext_if proto tcp to 200.200.200.200 port 2222 received-on \ $ext_if nat-to ($ext_if) -- Fabio Martins > Hi Fabio, > > I believe this will do what you want, seemed to work in quick testing > here, adjust to suit your environment. > > > match in on $ext_if proto tcp from <spammers> to ($ext_if) port 25 > rdr-to 200.200.200.200 port 2222 > match out on $ext_if proto tcp to 200.200.200.200 port 2222 received-on > $ext_if nat-to ($ext_if) >
