Port forwarding on two interfaces with pf

 Posted on June 4, 2024  |  Fabio Montefuscolo

The problem

I have a FreeBSD virtual machine with two interfaces, one set as a bridge and the other as a internal network for virtual machines. I want both interfaces forwarding ports to an ingress jail.

The solution

Packet Filter (pf)

The interfaces are em0 and em1, the bridge and internal network respectively.

# /etc/pf.conf
ext_if="{ em0, em1 }"

set block-policy return
scrub in on $ext_if all fragment reassemble
set skip on lo

table <jails> persist
nat on $ext_if from <jails> to any -> $ext_if
rdr-anchor "rdr/*"

Setting RDR rules on the ingress jail

The jail named ingress will be the one receiving the traffic.

# Format is:
#     bastille rdr TARGET tcp host_port jail_port

$ bastille rdr ingress tcp 80 80
$ bastille rdr ingress tcp 443 443
python  nvim  neovim 

Set PHP timezone

 Posted on November 22, 2019  |  Fabio Montefuscolo

Set a time in PHP configuration file to correctly display date and time information [Read More]
php 

Change WordPress uploads URL

 Posted on August 15, 2016  |  Fabio Montefuscolo

Changes the URL address WordPress renders for the user-uploaded files. The browser will fetch the files from the new address instead of fetching from the WordPress server. [Read More]
wordpress  php