I am trying to redirect web and mail service to an internal server on the local LAN. This is my entire pf.conf below, and I just can't figure out for the life of me why this does not work. I did a fresh install from 3.6 to 3.8 on a sparc 20 and I am starting to believe something did not go right with the install, though it went on cleanly. I would greatly appreciate someone giving me a sanity check. My internal clients can get out through the firewall to the net. I have taken out all the fancy altq stuff I had in 3.6 and dumbed it down as much as possible to what you see below.

#Macros
ext_if="le1"
prv_if="le0"
web_ports = "{ http, https }"
prv_hosts = "{192.168.11.0/24}"
www_mail = "192.168.11.250"

#Options

#Normalize Packets
scrub in all
scrub out all

#Translate packets
nat on $ext_if from $prv_if:network to any -> ($ext_if)

#Redirect for Internal Server
rdr on $ext_if proto tcp from any to $ext_if port 25 -> $www_mail
rdr on $ext_if proto tcp from any to $ext_if port $web_ports -> $www_mail

#Filter Packets, Block all packets coming in from the outside and log them
block in log all
#Pass all connections originating from the firewall
pass out quick on $ext_if from ($ext_if) to any flags S/SA modulate state
#Pass all connections originating from the screened lan
pass in quick on $prv_if from $prv_hosts to any flags S/SA keep state
#pass traffic from the net to internal host
pass in on $ext_if proto tcp from any to $www_mail port 25 flags S/SA synproxy state
pass in on $ext_if proto tcp from any to $www_mail port $web_ports flags S/SA synproxy state
