Re: pf, ftp-proxy, default deny, 421 Service not available

From: Henning Brauer (lists-openbsd@bsws.de)
Date: Tue Nov 02 2004 - 05:59:43 CST


* Chris Zakelj <c.zakelj@ieee.org> [2004-11-02 11:50]:
> and 'rdr pass' is something that's not in the man pages

are you trying to offend me?

it is right in the second paragraph of the TRANSLATION section.

     Packets that match a translation rule are only automatically passed if
     the pass modifier is given, otherwise they are still subject to block
     and pass rules.

it is in the TRANSLATION EXAMPLES section.

     If the pass modifier is given, packets matching the translation rule are
     passed without inspecting the filter rules:

     rdr pass on $ext_if proto tcp from any to any port 80 -> 127.0.0.1 \
           port 8080

and of course the BNF features it as well.

     nat-rule = [ "no" ] "nat" [ "pass" ] [ "on" ifspec ] [ af ]
                      [ protospec ] hosts [ "tag" string ]
                      [ "->" ( redirhost | "{" redirhost-list "}" )
                      [ portspec ] [ pooltype ] [ "static-port" ] ]

     binat-rule = [ "no" ] "binat" [ "pass" ] [ "on" interface-name ]
                      [ af ] [ "proto" ( proto-name | proto-number ) ]
                      "from" address [ "/" mask-bits ] "to" ipspec
                      [ "tag" string ]
                      [ "->" address [ "/" mask-bits ] ]

     rdr-rule = [ "no" ] "rdr" [ "pass" ] [ "on" ifspec ] [ af ]
                      [ protospec ] hosts [ "tag" string ]
                      [ "->" ( redirhost | "{" redirhost-list "}" )
                      [ portspec ] [ pooltype ] ]

if you're really unable to spot that yourself, please go run another
operating system. I really dunno how we should make that even more
clear.
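To make the distinction the mail is drawing concrete, here is an added pf.conf fragment (it is not part of the original message and not OpenBSD's own example) showing why a bare rdr under a default-deny ruleset ends up blocked, and the two ways to let the redirected packets through. The interface name em0 is an assumption; the 127.0.0.1:8080 redirect target is the one from the man page excerpt quoted above.

```pf
# Added example, not from the original mail. Interface name assumed.
ext_if = "em0"                 # assumed external interface

# Default deny: anything not explicitly passed is dropped.
block all

# (a) Redirect WITHOUT the pass modifier: the packet is rewritten to
#     127.0.0.1:8080 but still has to match a pass rule afterwards, and
#     "block all" above drops it, so the redirected service never answers.
# rdr on $ext_if proto tcp from any to any port 80 -> 127.0.0.1 port 8080

# (b) Redirect WITH the pass modifier: packets matching the translation
#     rule are passed without inspecting the filter rules, so "block all"
#     does not apply to them.
rdr pass on $ext_if proto tcp from any to any port 80 -> 127.0.0.1 port 8080

# (c) Same effect as (b) but keeps the decision in the filter ruleset:
#     plain rdr plus an explicit pass rule. Filter rules see the packet
#     after translation, so the pass rule must match 127.0.0.1 port 8080,
#     not the original destination port 80.
# rdr on $ext_if proto tcp from any to any port 80 -> 127.0.0.1 port 8080
# pass in on $ext_if proto tcp from any to 127.0.0.1 port 8080 keep state
```

Before loading, `pfctl -nf /etc/pf.conf` parses the file without installing it, and afterwards `pfctl -sn` and `pfctl -sr` list the translation and filter rules actually in effect, which is the quickest way to confirm whether a redirect carries the pass modifier or relies on a later pass rule.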