OpenBSD PF
что-то я тупой. есть простенький конфиг pf
ext_if_m=”vlan0″
ext_if_b=”vlan1″
int_if=”sk0″
set skip on lo
scrub in
nat on $ext_if_m from $int_if:network to any -> $ext_if_m
nat on $ext_if_b from $int_if:network to any -> ($ext_if_b)
rdr on $ext_if_m proto tcp from any to any port 2200 -> 192.168.1.3 port 22
rdr on $ext_if_m proto tcp from any to any port 45678 -> 192.168.1.3
block in
pass out
pass quick on $int_if no state
antispoof quick for { lo $int_if }
pass in on $ext_if_b proto tcp to ($ext_if_b) port ssh
pass in on $ext_if_m proto tcp to ($ext_if_m) port ssh
pass in on $ext_if_m proto tcp from any to any port 2200
pass in on $ext_if_m proto tcp from any to any port 45678
pass in on $ext_if_m inet proto icmp from any to ($ext_if_m) icmp-type echoreq
pass in on $ext_if_b inet proto icmp from any to ($ext_if_b) icmp-type echoreq
я в упор непонимаю почему не пашет перенаправление портов.
если убрать всю секцию фильтрации – то пашет.