No, $lan_if is correct. Because 192.168.2.10 is a webserver in my dmz and
the dns server resolves the url to 212.212.212.212 for the outside world
and I use the same dns for my internal network (192.168.1.0/24). The
browser in the internal network now connects to the webserver with
212.212.212.212 which I want to redirect directly to the webserver at
192.168.2.10.
This is working fine as long as I don't use rdr #2 for squid. Pf ignores
rdr #1 if I have rdr #2 in my pf.conf. Because of that I want rdr #1
processed prior to rdr #2.
Both rules again:
#1
rdr pass on $lan_if proto { tcp } from $lan_nets to \
212.212.212.212 -> 192.168.2.10
#2
rdr pass on $lan_if proto tcp from any to any port www -> \
127.0.0.1 port 3128
Adrian
Daniel Hartmeier wrote:
On Wed, Nov 30, 2005 at 11:13:52AM +0100, Adrian Rudin wrote:
I have a question concerning redirection.
These two rdr's are in my pf.conf:
#1
rdr pass on $lan_if proto { tcp } from $lan_nets to \
212.212.212.212 -> 192.168.2.10
You probably want 'on $ext_if' in this rule, not 'on $lan_if'.
If 212.212.212.212 is external, the connection is incoming on the
external interface and outgoing on the internal one (rdr only applies to
incoming connections, on the specified interface).
Daniel
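Added example, not part of the thread: pf evaluates rdr rules of the same type in the order they appear in pf.conf, only on the interface the packet arrives on, and the first matching rule decides the translation. The Python model below runs the two rules from the messages above in both orders. The client address 192.168.1.20, the destination 198.51.100.7 and the tuple layout are assumptions made for the illustration.

```python
import ipaddress

LAN_NETS = ipaddress.ip_network("192.168.1.0/24")   # internal network named in the post
ANY = ipaddress.ip_network("0.0.0.0/0")

# (label, interface, source net, destination net, dest port or None, (new addr, new port))
RDR_1 = ("#1", "lan_if", LAN_NETS, ipaddress.ip_network("212.212.212.212/32"),
         None, ("192.168.2.10", None))
RDR_2 = ("#2", "lan_if", ANY, ANY, 80, ("127.0.0.1", 3128))


def translate(rules, in_if, src, dst, dport):
    """Return (label, new_dst, new_port) for the first rdr rule that matches."""
    src_ip, dst_ip = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    for label, iface, src_net, dst_net, port, (to_addr, to_port) in rules:
        if iface != in_if:            # rdr applies only on the inbound interface
            continue
        if src_ip not in src_net or dst_ip not in dst_net:
            continue
        if port is not None and port != dport:
            continue
        # First match wins: later rules are never consulted.
        return label, to_addr, (to_port if to_port is not None else dport)
    return None, dst, dport           # no rule matched, packet is not translated


if __name__ == "__main__":
    client = "192.168.1.20"           # constructed LAN client address
    for order in ([RDR_1, RDR_2], [RDR_2, RDR_1]):
        names = " then ".join(rule[0] for rule in order)
        print(names, "->", translate(order, "lan_if", client, "212.212.212.212", 80))
```

With #2 listed first, the LAN client's request to 212.212.212.212 port 80 is sent to squid on 127.0.0.1:3128 and rule #1 is never reached.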