On 2024-03-02, Kasak <ka...@kasakoff.net> wrote: > Hello misc! There is a good manual on OpenBSD faq about redirection and > reflection, here it is: https://www.openbsd.org/faq/pf/rdr.html#tcpproxy > > I’m using nginx as tcp and udp proxy, but maybe there is another software, > more suitable for this task? > I need to redirect and reflect near 15 tcp ports and couple of udp. > I know I can do this with only pf, but I switched to nginx intentionally, > because this amount of ports made my pf config hard readable.
As far as TCP goes, haproxy is possibly a bit better suited. It doesn't do UDP though (and unlikely to in a generic way, see https://github.com/haproxy/haproxy/issues/62). Depending on which UDP protocols are used there might be better alternatives though - for example if it's DNS then look at dnsdist. UDP proxying in most cases needs to be protocol-aware.
