Hi,
I have been playing a lot with authpf, and there is one thing which I don't understand. Here is my authpf.rules
Code:
ext_if = "em0"
ext_addr_net="(" $ext_if:network ")"
ext_addr="(" $ext_if:0 ")"
rdr pass on $ext_if proto { tcp, udp } from any to $ext_addr port 999 -> 127.0.0.1 port 5900
pass in quick on $ext_if from $user_ip to any
pass out quick on $ext_if from any to $user_ip
Here is pf.conf
Code:
table <authpf_users> persist
#rdr pass on $ext_if proto { tcp, udp } from <authpf_users> to $ext_addr port 999 -> 127.0.0.1 port 5900
pass in on $ext_if from <authpf_users> to ($ext_if)
anchor "authpf/*"
If I don't have the special rule that is commented out ("#rdr pass * port 999 *"), I can't connect to my VNC; keep in mind that I authorized with my special user account (shell authpf). If I uncomment this #rdr line, everything works like a charm. The question is why? I don't get it, authpf.rules has its own rule to redirect me to a special port!
Another strange behavior I've observed with the statistics: after authorization, none of my connections hit any of the authpf rules.
Code:
pfctl -a 'authpf/USER(PID)' -sr -vv
@0 pass in quick on em0 inet from USER_IP to any flags S/SA keep state
[ Evaluations: 1748 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: uid 4001 pid 8090 State Creations: 0 ]
@1 pass out quick on em0 inet from any to USER_IP flags S/SA keep state
[ Evaluations: 1716 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: uid 4001 pid 8090 State Creations: 0 ]
pfctl -a 'authpf/USER(PID)' -sn -vv
@0 rdr pass on em0 inet proto tcp from any to (em0:0:1) port = garcon -> 127.0.0.1 port 5900
[ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: uid 4001 pid 8090 State Creations: 0 ]
@1 rdr pass on em0 inet proto udp from any to (em0:0:1) port = applix -> 127.0.0.1 port 5900
[ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: uid 4001 pid 8090 State Creations: 0 ]
Applix and Garcon refer to port 999.
Maybe I've done something wrong?
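Added example, not part of the original post: in pf versions that keep nat/rdr rules in a separate translation ruleset (FreeBSD, and OpenBSD before 4.7), a plain `anchor "authpf/*"` line only attaches the anchor's *filter* rules. The authpf(8) manual page shows the anchor attached four times, once per ruleset, and the `Evaluations: 0` on the two rdr rules in the `-sn -vv` output above is what an unattached rdr anchor looks like. The files below use the post's own interface (em0), port (999) and VNC target (127.0.0.1:5900); the `vnc_port` macro name is an assumption, and the redirect is narrowed from `any` to `$user_ip`, the macro authpf substitutes for the authenticated client's address, so that one user's login does not expose VNC to every host on the segment.

```pf
# /etc/pf.conf (assumed layout; translation rules must precede filter rules)
ext_if   = "em0"
vnc_port = "999"          # assumed macro name, value taken from the post

table <authpf_users> persist

# Translation section. Attach the authpf anchor here as well; without
# rdr-anchor the rdr rules loaded into authpf/<user>(<pid>) are never
# consulted, which is exactly the "Evaluations: 0" seen in pfctl -sn -vv.
nat-anchor   "authpf/*"
rdr-anchor   "authpf/*"
binat-anchor "authpf/*"

# Filter section.
pass in on $ext_if from <authpf_users> to ($ext_if)
anchor "authpf/*"

# /etc/authpf/authpf.rules (loaded into the per-user anchor on login)
ext_if   = "em0"
ext_addr = "(" $ext_if:0 ")"

# Redirect only the authenticated client, not "any"; RFB/VNC is TCP only,
# so the UDP half of the original rule is dropped.
rdr pass on $ext_if proto tcp from $user_ip to $ext_addr port 999 -> 127.0.0.1 port 5900

pass in  quick on $ext_if from $user_ip to any
pass out quick on $ext_if from any to $user_ip
```

After `pfctl -f /etc/pf.conf` and a fresh authpf login, the same `pfctl -a 'authpf/USER(PID)' -sn -vv` command from the post should show non-zero `Evaluations` on the rdr rule as soon as a connection to port 999 arrives. The commented-out rdr line in the original pf.conf works for the same reason: it lives in the main translation ruleset, which is always evaluated, whereas the copy inside the anchor is not reached without `rdr-anchor`.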