Netgate Discussion Forum

    Redirect traffic to a single external host:port from internal client

    4 Posts 3 Posters 2.3k Views
    • nsanity

      Okay, here is my situation:

      I've got a program that I can't change (no src, all statically input IPs, etc.) and it has to talk to 192.168.1.1 (see attachment). However, I need to intercept all mail traffic that should go to 192.168.1.1 and put it somewhere else.

      I apologize if this is an easy task… but man I'm stumped!

      Actually, preferably it could talk to netcat on the pfSense box.
      ![Picture 2.png](/public/imported_attachments/1/Picture 2.png)

      • sullrich

        Going from memory, but…

        1. Create a port forward
        2. Set interface to LAN
        3. Set proto
        4. Set external address to any
        5. Set external proto to HTTP
        6. Set NATIP to the machine that will receive the "hijacked" connection
        7. Set local port to HTTP
        8. Give it a description
        9. Save

        Now any traffic from LAN -> OUT (HTTP) will be hijacked and sent to the IP entered on the 6th step.

        Obviously change the proto and ports to match what you're doing.

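The port forward described in the steps above corresponds to a pf `rdr` rule on the LAN interface. The fragment below is an added illustration, not taken from the thread or from pfSense's generated ruleset; the interface name `em1` and the receiver address `10.0.0.50` (assumed to sit on a different interface than the client) are placeholders, and TCP port 25 stands in for the mail traffic in the original question.

```conf
# Added example in FreeBSD pf syntax (the packet filter pfSense is built on).
# Assumed placeholders: em1 = LAN interface, 10.0.0.50 = host that receives
# the redirected connections. Neither value comes from the thread.
lan_if   = "em1"
orig_dst = "192.168.1.1"   # address the unmodifiable program talks to (first post)
new_dst  = "10.0.0.50"     # constructed receiver address

# Option A: matches the steps as written ("external address: any").
# Every LAN connection to TCP/25, whatever its destination, is redirected.
# rdr on $lan_if inet proto tcp from any to any port 25 -> $new_dst port 25

# Option B: scoped to the one destination the program uses.
# Only connections addressed to 192.168.1.1:25 are redirected; port 25
# traffic to any other destination passes through untouched.
rdr on $lan_if inet proto tcp from any to $orig_dst port 25 -> $new_dst port 25
```

Translation rules are first-match, so only one of the two options should be active. On the firewall, `pfctl -sn` lists the loaded translation rules, which confirms how narrowly the redirect is scoped.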
        • nsanity

          Awesome.  This worked perfectly.

          I actually ended up having to tunnel (via SSH) to another system to do the delivery, but we can now save an extra 4 hours of manual work a day!

          Much thanks!

          • jobsoft

            What I would like to do is similar, but, just a single host IP:port (the pfSense LAN interface address actually) to an internal LAN host:port (port being the same for both).

            What I am trying to do is have LAN:25 (and ONLY LAN:25) being redirected to the internal:25.  All other WAN destinations:25 would be unimpeded.

            I have tried a LAN NAT rule with the "external" source the LAN interface IP and any port to the internal IP port 25. But, as you might guess, it only works when you are on the pfSense shell such that you are coming from LAN interface IP. I am sure there is some way to do this. Maybe it takes more than one NAT rule to do. Not sure.

            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.