Re: SSH through port SMTP
Hi,

Thanks for your reply and advice. My problem is that the remote operator may decide to block SSH access to the bridge. But I know he will not block SMTP access, because the bridge is running spamd. The bridge has two sk interfaces, the external one having a valid IP address and the internal one IP-less.

In fact, I sort of borrowed the ruleset from the spamd PF config. Only I put the rdr rule for SSH before the rdr rule for spamd. My idea was: whenever a connection from a specific IP address, $myip, comes in on port SMTP, redirect it to the SSH server via the loopback interface. But it seems that I need to do more than just redirect the traffic to port SSH and route it through the loopback interface.

Any help is appreciated.

Regards,
Jose.
SSH through port SMTP
Hi,

I would like to connect via SSH protocol to a remote site running obsd PF in bridge mode where the only externally open port is SMTP, since there is a mail server running. I thought of setting up PF at the remote site with the following ruleset:

    rdr on $ext_if inet proto tcp from $myip to any port smtp -> 127.0.0.1 port ssh
    pass in on $ext_if route-to lo0 inet proto tcp from $myip to 127.0.0.1 port ssh

But I did not get what I wanted. The connection always times out. Could someone point at what might be wrong or missing?

Thanks in advance.

Regards,
Jose
Re: SSH through port SMTP
You are trying to do something evil by making a bridge pretend it is the host on its other side. Do not do that. Just fix the upstream firewall to pass the management traffic you need to the box. 127.0.0.1 shouldn't arrive on a non-loopback interface. If you wanted to try to do this kind of silly hack, you would use another address and configure it on $ext_if. Where is your ifconfig output and dmesg, anyway?