On 2008/01/22 12:07, Arnaud Feix wrote:
> Hi,
>
> In your rule you have :
> rdr on $IntIF inet proto tcp from any to 80.17.9.12 port 5280 -> 192.168.11.3
> port 5280
>
> instead of $IntIF you should have $ExtIF no ?
>
> because your rule says :
>
> pass in quick on $ExtIF inet proto tcp from any to any port 5280 keep state

that will just affect whether the traffic is logged; 5280 is in $services and there are no "block" rules for $IntIF.

> > Services="{ ssh, http, https, 5222, 5223, 5269, 5280, 6667 }"
> >
> > pass in quick on $ExtIF inet proto tcp from any to any port 5280 keep state
> > pass in log quick on $ExtIF inet proto tcp from any to any port $Services
> > keep state
> > pass in log quick on $IntIF inet proto tcp from any to any port $Services
> > keep state