Firewall: pf Error: Redirection doesn't work

From: Advertisement <advertisement(at)optushome.com.au>
Date: Wed Mar 26 2003 - 08:29:04 EST

I appreciate your help.

I have run into problem with firewall configuration on OpenBSD 3.2 - x86 architecture. I tried to redirect incoming HTTP connections to a machine within firewall that runs the web server, but it doesn't work :(. I tried connecting from outside world, it times out all the time.

To redirect a connection I used the following command right below the 'nat' option:

rdr on $Ex proto tcp from any to any port 80 -> 192.168.0.11 port 80

Where $Ex is my internet connected device, from outside I used friend's computer to connect and also network-tools.com's HTTP HEADERS script to connect to my machine and get headers from internal web server, I entered it's IP address linking to port 80, this is the error I get: No headers downloaded or timeout.

I have read the FAQs relating to PF, and googled it. Do you know where the problem is? Here is my PF.CONF file:

Ex="ep1"                                        # External Interface
In="192.168.0.0/24"                     # Our Internal Network

scrub in all
nat on $Ex from $In to any -> 211.28.190.232 rdr on $Ex proto tcp from any to any port 80 -> 192.168.0.11 port 80 block in quick on $Ex inet proto tcp from any to any flags FUP/FUP block in on $Ex all
block out on $Ex all

pass out on $Ex inet proto tcp all flags S/SA keep state
pass out on $Ex inet proto udp all keep state
pass out on $Ex inet proto icmp all keep state

Thank you. Received on Wed Mar 26 07:34:59 2003