Redirecting traffic to a bridged ip and port using PF on MacOS

I am trying to redirect localhost traffic on a specific port to a bridged network IP.

I am using the following:

echo "
rdr pass inet proto tcp from any to any port 9300 -> 192.168.64.29 port 9300
rdr pass inet proto tcp from any to any port 3406 -> 192.168.64.29 port 3406
rdr pass inet proto tcp from any to any port 1234 -> 127.0.0.1 port 8000
" | sudo pfctl -ef -

It works fine for 1234 -> 8000.

I had a simple Python server running on port 8000:

python -m http.server 8000 --bind 127.0.0.1

Visiting http://localhost:1234/ loads the server running on 8000 nicely.

Output of sudo pfctl -s states:

ALL tcp 127.0.0.1:8000 <- 127.0.0.1:58791       FIN_WAIT_2:FIN_WAIT_2
ALL tcp 127.0.0.1:8000 <- 127.0.0.1:58792       FIN_WAIT_2:FIN_WAIT_2

But a similar rule to redirect 127.0.0.1:9300 -> 192.168.64.29:9300 and 127.0.0.1:3406 -> 192.168.64.29:3406 is not working.

I can see SYN_SENT in the output of sudo pfctl -s states:

ALL tcp 127.0.0.1:8000 <- 127.0.0.1:58791       FIN_WAIT_2:FIN_WAIT_2
ALL tcp 127.0.0.1:8000 <- 127.0.0.1:58792       FIN_WAIT_2:FIN_WAIT_2
ALL tcp 192.168.64.29:9300 <- 127.0.0.1:9300 <- 127.0.0.1:58796       CLOSED:SYN_SENT
ALL tcp 192.168.64.29:9300 <- 127.0.0.1:9300 <- 127.0.0.1:58797       CLOSED:SYN_SENT

I have read in a few threads that I need to enable forwarding, but that doesn't seem to work:

sudo sysctl -w net.inet.ip.forwarding=1

I have ports 9300 and 3406 open on IP 192.168.64.29, which is on bridge100 inet 192.168.64.1 netmask 0xffffff00 broadcast 192.168.64.255:

Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
tcp        0      0 0.0.0.0:3406            0.0.0.0:*               LISTEN      -
tcp        0      0 0.0.0.0:9300            0.0.0.0:*               LISTEN      -
tcp        0      0 127.0.0.53:53           0.0.0.0:*               LISTEN      -
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      -
tcp6       0      0 :::2375                 :::*                    LISTEN      -
tcp6       0      0 :::3406                 :::*                    LISTEN      -
tcp6       0      0 :::9300                 :::*                    LISTEN      -
tcp6       0      0 :::22                   :::*                    LISTEN      -

SYN_SENT:CLOSED

Not sure why/if it is being blocked, but visiting 192.168.64.29:9300 works fine.

MrPandav
The bridged IP is on the same host, under a virtual machine created using the hypervisor API (via Multipass). I am using an Apple M1, if it makes any difference.
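
Added example (not part of the original question, and not the poster's code): a shell function that reads `pfctl -s states` output and counts TCP states still showing SYN_SENT, grouped by original and translated destination, so redirects whose handshake never completed stand out from working ones. The function names `stalled_rdr` and `sample_states` are hypothetical, and the sample input is the state output quoted in the question.

```shell
#!/bin/sh
# Added example, not from the original post.
# stalled_rdr: read `pfctl -s states` text on stdin and count TCP states
# that still show SYN_SENT, i.e. a SYN was seen but the handshake never
# completed. Function names here are hypothetical.

stalled_rdr() {
    awk '
    $2 == "tcp" {
        if ($NF !~ /SYN_SENT/) next        # handshake progressed; skip
        if (NF == 8 && $4 == "<-" && $6 == "<-") {
            # Translated state as printed in the question:
            #   IFACE tcp NEW_DST <- ORIG_DST <- CLIENT  STATE
            key = $5 " -> " $3
        } else if (NF == 6) {
            # Untranslated state: IFACE tcp ADDR DIR ADDR  STATE
            key = $3 " " $4 " " $5 " (no translation)"
        } else {
            next                            # layout not handled here
        }
        count[key]++
    }
    END { for (k in count) printf "%d stalled: %s\n", count[k], k }
    ' | sort
}

# Sample input: the state lines quoted in the question.
sample_states() {
    cat <<'EOF'
ALL tcp 127.0.0.1:8000 <- 127.0.0.1:58791       FIN_WAIT_2:FIN_WAIT_2
ALL tcp 127.0.0.1:8000 <- 127.0.0.1:58792       FIN_WAIT_2:FIN_WAIT_2
ALL tcp 192.168.64.29:9300 <- 127.0.0.1:9300 <- 127.0.0.1:58796       CLOSED:SYN_SENT
ALL tcp 192.168.64.29:9300 <- 127.0.0.1:9300 <- 127.0.0.1:58797       CLOSED:SYN_SENT
EOF
}

sample_states | stalled_rdr
# Live use on the Mac: sudo pfctl -s states | stalled_rdr
```
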