FreeBSD Port-Forwarding With PF?

I'm new to FreeBSD and wanted to know how to forward ports. I'm assuming I have to edit pf.conf.

Basically I wanted to use uTorrent and Call of Duty mod2, but I really just want to learn the process.

Thanks in advance. PS: The ports needed are 1500, 3005, 3101, 28960, 27015 and a random port for uTorrent like 121247.

I've tried the following...
then typed /etc/rc.d/pf reload
(Reloading pf rules.)

Code:
tcp_services="{ 1500,2390,2049,3005,3101,27015,28960 }"
udp_services="{ 1500,2390,2049,3005,3101,27015,28960 }"
icmp_types="echoreq"

comp3="192.168.1.109"

rdr on $ext_if proto tcp from any to any port 1500 -> $comp3
rdr on $ext_if proto tcp from any to any port 2390 -> $comp3
rdr on $ext_if proto tcp from any to any port 2049 -> $comp3
rdr on $ext_if proto tcp from any to any port 3005 -> $comp3
rdr on $ext_if proto tcp from any to any port 3101 -> $comp3
rdr on $ext_if proto tcp from any to any port 27015 -> $comp3
rdr on $ext_if proto tcp from any to any port 28960 -> $comp3

rdr on $ext_if proto udp from any to any port 1500 -> $comp3
rdr on $ext_if proto udp from any to any port 2390 -> $comp3
rdr on $ext_if proto udp from any to any port 2049 -> $comp3
rdr on $ext_if proto udp from any to any port 3005 -> $comp3
rdr on $ext_if proto udp from any to any port 3101 -> $comp3
rdr on $ext_if proto udp from any to any port 27015 -> $comp3
rdr on $ext_if proto udp from any to any port 28960 -> $comp3
 
How about making use of those variables?

Code:
myservices="{ 1500,2390,2049,3005,3101,27015,28960 }"

comp3="192.168.1.109"

rdr on $ext_if proto udp/tcp from any to any port $myservices -> $comp3
 
SirDice said:
How about making use of those variables?

Code:
myservices="{ 1500,2390,2049,3005,3101,27015,28960 }"

comp3="192.168.1.109"

rdr on $ext_if proto udp/tcp from any to any port $myservices -> $comp3

Thanks a lot! But there's a syntax error in " rdr on $ext_if proto udp/tcp from any to any port $myservices -> $comp3 "
 
I tried that but this happens,

Code:
# /etc/rc.d/pf reload
Reloading pf rules.
/etc/pf.conf:229: Rules must be in order: options, normalization, queueing, translation, filtering
pfctl: Syntax error in config file: pf rules not loaded



Code:
# FILTERING SECTION
# -----------------

#block everything unless it passes a rule later
block in on $ext_if all
block out on $ext_if all
block in on $int_if all
block out on $int_if all

myservices="{ 1500,2390,2049,3005,3101,27015,28960 }"

comp3="192.168.1.109"

#rdr on $ext_if proto udp from any to any port $myservices -> $comp3 (currently disabled; not sure if I can do both udp & tcp)
rdr on $ext_if proto tcp from any to any port $myservices -> $comp3

Thanks again much appreciated.
 
Sorry, I missed a few lines of rules. Now it loads fine but the ports are still not open. Any ideas?
 
Ah.. I see the typo..

Code:
myservices="{ 1500,2390,2049,3005,3101,27015,28960 }"

comp3="192.168.1.109"

rdr on $ext_if proto {udp, tcp} from any to any port $myservices -> $comp3

pass in on $ext_if proto {udp, tcp} from any to any port $myservices keep state

The order needs to be correct. It's nat first, then the rdr and lastly any block or pass rules.
 
You can also create it all in one rule like this:
Code:
rdr pass on $ext_if proto { tcp, udp } from any to any port $myservices -> $comp3
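
The section order from the pfctl error and the rdr-plus-pass pairing from the replies above, put together as one minimal pf.conf. This is an added example, not a ruleset posted in the thread; the interface names em0/em1, the 192.168.1.0/24 LAN and the two general LAN pass rules at the end are assumptions.

```pf
# --- MACROS (macros may appear anywhere before use; kept on top for clarity)
ext_if     = "em0"               # assumed external interface name
int_if     = "em1"               # assumed internal interface name
int_net    = "192.168.1.0/24"    # assumed LAN that contains comp3
comp3      = "192.168.1.109"
myservices = "{ 1500, 2390, 2049, 3005, 3101, 27015, 28960 }"

# --- OPTIONS
set block-policy drop
set skip on lo0

# --- NORMALIZATION
scrub in all

# --- QUEUEING (none in this example)

# --- TRANSLATION: nat first, then rdr
nat on $ext_if from $int_net to any -> ($ext_if)
rdr on $ext_if proto { tcp, udp } from any to any port $myservices -> $comp3

# --- FILTERING: block and pass rules come last
block in  on $ext_if all
block out on $ext_if all
block in  on $int_if all
block out on $int_if all

# Translation runs before filtering, so the filter sees the rewritten
# destination ($comp3), not the firewall's external address.
pass in  on $ext_if proto { tcp, udp } from any to $comp3 port $myservices keep state

# A forwarded packet is filtered again when it leaves on the internal
# interface; with "block out on $int_if all" it needs its own pass rule.
pass out on $int_if proto { tcp, udp } from any to $comp3 port $myservices keep state

# General LAN traffic (assumed policy): clients may initiate connections.
pass in  on $int_if from $int_net to any keep state
pass out on $ext_if from any to any keep state
```

`pfctl -nf /etc/pf.conf` parses the file without loading it, which catches ordering and syntax errors before a reload; `pfctl -sn` and `pfctl -sr` list the loaded translation and filter rules.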
 