Le mardi 09 fivrier 2010 08:44:14, Bret S. Lambert a icrit :
> On Tue, Feb 09, 2010 at 08:19:14AM +0100, Joakim Aronius wrote:
> > * Jean-Frangois SIMON (jfsimon1...@gmail.com) wrote:
> > > 2010/2/7 Bret S. Lambert <bret.lamb...@gmail.com>
> > >
> > > > No, you'd have to so a seperate rdr line for each backend host.
> > >
> > > Would a rule like this one work (2 lines).
> > > rdr pass on $ext_if proto tcp from any to any port 1024:65535 ->
> > > 10.0.1.32 rdr pass on $ext_if proto tcp from any to any port 1024:65535
> > > -> 10.0.1.33
> >
> > You can't redirect one port to multiple machines, your options are:
> > 1) redirect different ports to different machines, i.e.:
> > rdr pass on $ext_if proto tcp from any to any port 1024:5000 -> 10.0.1.32
> > rdr pass on $ext_if proto tcp from any to any port 5001:65535 ->
> > 10.0.1.33
> >
> > 2) get more external IP addresses.
>
> Or use tables:
>
> table <foo> = { $list_of_ips }
> rdr pass on $ext_if proto tcp from any to any port 1024:65535 -> <foo>
>
> or run relayd
>
> The OP would do well to read the PF guide on openbsd.org.
>
Is it possible to use the rule given by Stuart Henderson as follows ?
rdr pass on $ext_if proto tcp to port 1024:65535 -> 10.0.1/24
I will try this for real later on, for now I don't have access to this
machine.
