On Mon, Feb 9, 2009 at 5:11 PM, Chris Buechler <c...@pfsense.org> wrote: > On Mon, Feb 9, 2009 at 5:43 PM, Tim Nelson <tnel...@rockbochs.com> wrote: >> ----- "Bill Marquette" <bill.marque...@gmail.com> wrote: >>> >>> The MTA needs to not be on the same network as you are redirecting. >>> ie. You can't send LAN traffic back to LAN, it MUST go to a >>> different >>> interface (say a DMZ). There are ways around the issue Tim >>> describes, >>> but it's not really pertinent to your issue at the moment anyway. >>> Bottom line, you can't port forward to an address on the same network >>> as the traffic is sourced from. >> >> Care to share the ways around the issue? :-) >> > > Specifying source IP/net in port forward rules, which isn't possible > in pfSense 1.2 nor 2.0 at this time. It's on the feature request list > already.
Erm, yeah, my mistake, I'm used to working in pf.conf :) My home firewall is much less complex than the stuff I deal with at work. It's possible to do, just not in pfSense at this time. --Bill --------------------------------------------------------------------- To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org