PF Forwarding webserver

How can I see that the webserver is really forwarded?
Code:
### -- NAT and redirection -- ###
# ext_if IP address could be dynamic, hence ($ext_if)
nat on $ext_if from $localnet to any -> ($ext_if)
### [NAT] the VPN connections (for access to the remote secure networks)
nat on $int_if from $vpn_net0 to any -> $int_if
nat on $int_if from $vpn_net1 to any -> $int_if

### Redirect webserver
rdr on $ext_if proto tcp from any to any port { http https } -> $webserver

Is there some kind of tool where I can see if the firewall redirects to the target IP?
 
List the active rules with # pfctl -sr and then look up active states with # pfctl -ss.

By the way, the rdr is safer to write like this:

Code:
rdr on $ext_if proto tcp from any to ($ext_if) port { http https } -> $webserver

Otherwise you could be redirecting traffic not meant for you if some smart guy sets your external address as their default gateway address.
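
The state lookup suggested above, as an added example that is not part of the original posts: a small sh filter over pfctl -ss output that keeps only connections whose redirect target is the web server. The state-line layout, the addresses and the function names are assumptions, and the sample lines are constructed.

```sh
#!/bin/sh
# Added example (not from the thread): list pf states redirected to one host.
# Assumed layout of a `pfctl -ss` line for an inbound rdr'd IPv4 connection:
#   IFACE PROTO INTERNAL:PORT (ORIGINAL_DST:PORT) <- CLIENT:PORT  STATE
# On the firewall: pfctl -ss | rdr_states <webserver-ip>
# (pfctl -sn lists the loaded nat/rdr rules themselves.)

# Constructed sample output using documentation addresses.
sample_states() {
cat <<'EOF'
all tcp 192.168.1.10:80 (203.0.113.5:80) <- 198.51.100.7:51234       ESTABLISHED:ESTABLISHED
all tcp 192.168.1.10:443 (203.0.113.5:443) <- 198.51.100.9:40022       FIN_WAIT_2:FIN_WAIT_2
all tcp 203.0.113.5:22 <- 198.51.100.7:51300       ESTABLISHED:ESTABLISHED
all udp 203.0.113.5:61002 (192.168.1.20:123) -> 192.0.2.1:123       MULTIPLE:SINGLE
EOF
}

# rdr_states WEBSERVER_IP
# Reads state lines on stdin and prints, for each inbound TCP state whose
# translated destination is WEBSERVER_IP:
#   client -> original_dst => internal_target state
rdr_states() {
    awk -v ws="$1" '
        # Only inbound TCP states that carry a parenthesised original address,
        # i.e. the destination was rewritten by an rdr rule.
        $2 == "tcp" && $5 == "<-" && $4 ~ /^\(.*\)$/ {
            host = $3
            sub(/:[0-9]+$/, "", host)          # strip the port (IPv4 only)
            if (host != ws) next
            orig = substr($4, 2, length($4) - 2)   # drop the parentheses
            print $6 " -> " orig " => " $3 " " $7
        }
    '
}

# Stand-alone run over the constructed sample.
sample_states | rdr_states 192.168.1.10
```

An empty result while a client is connecting means no state was created for the redirect, so the packet was either not matched by the rdr rule or was dropped by a filter rule before a state could be set up.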
 
Thanks. I also looked at pflog, but I forgot to log the external device.
I changed some rules, but can only reload in the evening, because some openvpn connections are connected and can't disable them right now.

It's strange. It worked last year. I don't think my blocking rules give the problem.

Code:
table <bruteforce> persist
block in quick proto tcp from <bruteforce> to any port { 80 22 }
block in all

I still can use ssh.
 