Stuart Henderson wrote:
On 2008/01/22 12:07, Arnaud Feix wrote:
Hi,
In your rule you have:
rdr on $IntIF inet proto tcp from any to 80.17.9.12 port 5280 -> 192.168.11.3 port 5280
instead of $IntIF you should have $ExtIF, no?
because your rule says:
pass in quick on $ExtIF inet proto tcp from any to any port 5280 keep state
That will just affect whether the traffic is logged; 5280 is in $services
and there are no "block" rules for $IntIF.
Services="{ ssh, http, https, 5222, 5223, 5269, 5280, 6667 }"
pass in quick on $ExtIF inet proto tcp from any to any port 5280 keep state
pass in log quick on $ExtIF inet proto tcp from any to any port $Services keep state
pass in log quick on $IntIF inet proto tcp from any to any port $Services keep state
I said instead of:
rdr on $IntIF inet proto tcp from any to 80.17.9.12 port 5280 -> 192.168.11.3 port 5280
He should have:
rdr on $ExtIF inet proto tcp from any to 80.17.9.12 port 5280 -> 192.168.11.3 port 5280