How to Assign Tags to Packets with PF?

[allensmith]

Greetings to all,

I need help to insert a tag in the packets that
be redirected and filtered on a bridge.

I'm using freebsd8 + pf in OpenBSD is done as follows:

rdr on $ ext_if proto tcp from <spamd> to port smtp \
   tag SPAMD -> 127.0.0.1 port 8025

but in freebsd8 pfctl does not support tags, and ipfw
working with type init tags by (use tag ID )
I must be of type char (MT_HEADER "mbuf_tag")
someone on the list have patch for this?

thanks advance.

 

[DutchDaemon]

What do you mean by

in freebsd8 pfctl does not support tags

?

The exact same 'OpenBSD syntax' you used in your post is in pf.conf(5) on FreeBSD.

     # tag incoming packets as they are redirected to spamd(8). use the tag
     # to pass those packets through the packet filter.

     rdr on $ext_if inet proto tcp from <spammers> to port smtp \
             tag SPAMD -> 127.0.0.1 port spamd

     block in on $ext_if
     pass in on $ext_if inet proto tcp tagged SPAMD

 

[allensmith]

DutchDaemon,
Thank you.

It was just a syntax error. Now everything's ok.