Hello, Iam trying to setup a PF box with ONE interface on a public IP to be able to redirect all packets that come to one of its IPs to another IP. The objective is to cloak the IP of the final destination. Please note that there is a public IP on both sides.
1.1.1.1 (me) ---> 2.2.2.2 (PF box with binat) --> 3.3.3.3 So, if I want to SSH in 3.3.3.3 for example I could just ssh into 2.2.2.2 . Here is my pf.conf: # cat /etc/pf.conf t_externa = "re0" web_serv_int = "1.1.1.1" web_serv_ext = "3.3.3.3" binat on $t_externa from $web_serv_int to any -> $web_serv_ext I have also tried to add 1.1.1.1 as an ipaliase in the PF box ... but that just makes all my communications hang if I try to SSH to 2.2.2.2 from 1.1.1.1. Is there something Iam missing? I think this would be possible, right? --Matt
