Hi How could PF be used to create a bridge that redirects IP traffic?
What I intended to do (and failed) was to put a bridge (OpenBSD 3.4-beta) just in front of a small network of servers. The bridge was to redirect smtp traffic targeted to one of the servers to another server: NETWORK -- xl1 -- Bridge -- xl2 -- SERVERS Interfaces xl1 and xl2 have no IP address assigned, xl0 is also connected to NETWORK and has an IP address. The pf rule was rdr on xl1 from any to server_a port 25 -> server_b port 25 It did, as I mentioned, not work. I suspect because interface xl2 is on the same ethernet segment as the servers. The following setting did work with said pf rule: NETWORK -- xl1 -- Bridge -- xl2 -- NETWORK (with Routers) -- SERVERS Here, off course, xl2 does not see Ethernet frames of the target systems and the redirection works perfectly. Is there any more information on doing redirection with bridges to hosts that are attached to the same ethernet segment? Or is there a way to rewrite packets on layer 2? I.e something like rdr on xl1 from any to 01:01:01:01:01:01 port 25 -> 02:02:02:02:02:02 port 25 Any information is greatly appreciated. - Marc
