I have a FreeBSD 8.1 box set to NAT the internet to my internal net of 4 assorted computers.
I am running uTorrent and have forwarded port 40692 via pf.conf, and it works great.
However, ALL the computers on my network are able to use port 40692 now. Even if I set the IP address of the destination port to 10.10.10.10 in pf.conf, it still forwards the port from any PC running uTorrent.
Is there a way to set a port to the internal IP implicitly? So that 40693 goes ONLY to 192.168.5.10 and not all the other 192.169.5.xx IPs?
Here is my current working pf.conf, modified from the example file:
Code:
# Firewall for Home or Small Office
# http://www.openbsd.org/faq/pf/example1.html
#
# macros
ext_if="fxp0"
int_if="rl0"
icmp_types="echoreq"
# options
set block-policy return
set loginterface $ext_if
set skip on lo
# scrub
scrub in
# nat/rdr
nat on $ext_if from !($ext_if) -> ($ext_if:0)
nat-anchor "ftp-proxy/*"
rdr-anchor "ftp-proxy/*"
rdr pass on $int_if proto tcp to port ftp -> 127.0.0.1 port 8021
# Redirect torrent traffic ("port forwarding")
rdr on $ext_if proto tcp from any to any port 40692 -> 192.168.5.10
# filter rules
block in
pass out
anchor "ftp-proxy/*"
antispoof quick for { lo $int_if }
pass in on $ext_if inet proto tcp from any to 192.168.5.10 port 40692 synproxy state
pass in inet proto icmp all icmp-type $icmp_types
pass quick on $int_if no state