
RDR of http does not work



Hi folks,
I have a problem here redirecting http-traffic automatically to my login-site
if a user is not authenticated. After the login on the website his IP is
added to a table and then he should be able to connect to the internet.
My pf.conf:
-------------------------
ext_if="hme0"
int_if="xl0"
good_ports="{ 443 , 22 , 80 , 53 }"
table <authenticated-users> persist
set loginterface $ext_if
scrub on $ext_if random-id reassemble tcp
nat on $ext_if from <authenticated-users> to any -> ($ext_if)
rdr pass on $int_if proto tcp from !<authenticated-users> to any port { 80, 443 } -> ($int_if) port 443
block return all
pass quick on lo0 all
antispoof quick for lo0
pass in on $int_if proto tcp to ($int_if) port $good_ports flags S/SA modulate state
pass quick on {$int_if,$ext_if} inet proto icmp all icmp-type 8 code 0 keep state
pass out on $ext_if inet proto { tcp, udp } from ($ext_if) to any flags S/SA modulate state
pass out on $int_if inet proto { tcp, udp } from ($int_if) to any flags S/SA modulate state
pass in on $ext_if inet proto tcp from any to ($ext_if) port 22 flags S/SA modulate state
pass in on $int_if inet proto {tcp, udp} from <authenticated-users> to any flags S/SA modulate state
-------------------
The problem is that when the user is not in the table, he will not be
redirected to the server. Where is my mistake?
Thank you,
Jonathan
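
The table step the post describes (the login site adding a client's IP to `<authenticated-users>`), sketched as an added example that is not part of the original message. The function names and the `PFCTL_DRY_RUN` switch are assumptions made for this example; only the table name comes from the posted pf.conf.

```shell
#!/bin/sh
# Added example: maintain the <authenticated-users> table from a login site.
# PF_TABLE is the table name from the posted pf.conf; everything else here
# (function names, PFCTL_DRY_RUN) is hypothetical.
PF_TABLE="authenticated-users"

# Accept only a strict dotted-quad IPv4 host address: no CIDR, no host names,
# no leading zeros, no shell metacharacters. Nothing else ever reaches pfctl.
valid_ipv4() {
    case "$1" in
        ''|*[!0-9.]*|.*|*.|*..*) return 1 ;;
    esac
    old_ifs=$IFS; IFS=.
    set -- $1                      # split the address into octets
    IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        case "$octet" in 0?*) return 1 ;; esac   # "010" is ambiguous (octal)
        [ "${#octet}" -le 3 ] || return 1
        [ "$octet" -le 255 ] || return 1
    done
    return 0
}

# $1 = add | delete | test
# $2 = client address as seen on the TCP connection by the login site,
#      never a value taken from a form field or request header.
pf_table() {
    case "$1" in
        add|delete|test) ;;
        *) echo "pf_table: unsupported action" >&2; return 2 ;;
    esac
    valid_ipv4 "$2" || { echo "pf_table: rejected address" >&2; return 2; }
    if [ "${PFCTL_DRY_RUN:-0}" = 1 ]; then
        # Dry run: print the command instead of touching the live table.
        echo "pfctl -t $PF_TABLE -T $1 $2"
    else
        pfctl -t "$PF_TABLE" -T "$1" "$2"
    fi
}
```

Run `pf_table add <ip>` after a successful login and `pf_table delete <ip>` on logout; `pf_table test <ip>` reports whether an address is currently in the table.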