Hi all, After a lot of seeking and reading and doing I have this doubt :-)
Is PF not capable of letting two users ( with two differrent computers with 2 differrent IP from the RFC1918 range ) in the LAN to connect to the Same Windows 2003 remote desktop server on the Internet and work on it simultaneously??? The only workaround to connect to Windows Remote Desktop Server through PF I know of now is to use an rdr rule to do port forwarding something like. code: rdr pass on $ext_if inet proto tcp from $Windows_RDServer to any port 3389 -> $WRD_client1 port 3389 but then only $WRD_client1 will be able to access $Windows_RDServer through PF. (Asuming that the both Windows Remote Desktop Server and the Firewall has only one IP usable on the internet-which is mostly the case) No other computer in the LAN can connect to $Windows_RDServer on the internet simultaneously and work successfully because all traffic from it will be forwarded by the PF firewall to $WRD_client1 port 3389 How do I solve this problem while using PF and OpenBSD. Windows Internet Connection Sharing ( ICS ) does this very well so I think it should be also doable with OpenBSD too ( may be through a workaround or by writing an application ) Now a corresponding doubt if the above thing is not possible is this: OpenBSD uses ftp-proxy to let in Active FTP traffic which comes to port 20 through PF. Is it possible to do something like that in PF? ie. write a Remote Desktop Proxy for OpenBSD & PF that is able to do this?? if so have you got any suggestions or work arounds?? or are there applications that do this already available for OpenBSD? or is this a scenario where PF completely fails?? Thankyou all so much for all the help :-) Kind Regards Siju