Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    [Solved] HaProxy not working/port Issue

    Scheduled Pinned Locked Moved Cache/Proxy
    23 Posts 3 Posters 4.5k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • P
      PiBa @manjotsc
      last edited by PiBa

      @manjotsc
      Not sure what you are doing but something is wrong ;)..

      When i send a curl request:
      curl -k https://gm.manjot.net/
      I get 2 totally different responses.. One is a list of 5 icons, the other says something about a 'speedtestcustom' .. It looks like you are balancing traffic between 2 servers that dont contain the same website..? Though that does not show in config above.. ??

      p.s. the certificate for auth.manjot.net is not valid for the the website gm.manjot.net..
      Pehaps you got multiple primary frontends on the same IP:port.? that cannot be.. use shared-frontends if you only have 1 ip to server multiple websites.

      manjotscM 1 Reply Last reply Reply Quote 0
      • manjotscM
        manjotsc @PiBa
        last edited by

        @PiBa auth.manjot.net, speed.manjot.net are other two webservers I am running, but when I go to gm.manjot.net, it keep going to these two servers.

        Vendor: HP
        Version: P01 Ver. 02.50
        Release Date: Wed Jul 17 2024
        Boot Method: UEFI
        24.11-RELEASE (amd64)
        FreeBSD 15.0-CURRENT
        CPU Type: Intel(R) Core(TM) i5-7500 CPU @ 3.40GHz
        Current: 3606 MHz, Max: 3400 MHz
        4 CPUs : 1 package(s) x 4 core(s)

        P 2 Replies Last reply Reply Quote 0
        • P
          PiBa @manjotsc
          last edited by

          @manjotsc
          Is haproxy the only process listening on the :443 port ? And what does the 'complete' config look like? The config above only contains 1 server line so haproxy wouldnt be causing the switching between 2 websites. Not using multiple 'primary' frontends right?

          1 Reply Last reply Reply Quote 0
          • P
            PiBa @manjotsc
            last edited by

            @manjotsc
            Also is traffic even passing through haproxy at all? Or do you have a 'old' nat rule that directs traffic to the servers bypassing haproxy completely.?. Can you check that the request counters on the haproxy stats page do increase when requests are made.?

            manjotscM 2 Replies Last reply Reply Quote 0
            • manjotscM
              manjotsc @PiBa
              last edited by

              @PiBa I am running those two server on Virtualmin, and I have port 443 open for those two ip 192.168.40.73 and 192.168.40.74, maybe there is proxy already setup in virtualmin.

              Vendor: HP
              Version: P01 Ver. 02.50
              Release Date: Wed Jul 17 2024
              Boot Method: UEFI
              24.11-RELEASE (amd64)
              FreeBSD 15.0-CURRENT
              CPU Type: Intel(R) Core(TM) i5-7500 CPU @ 3.40GHz
              Current: 3606 MHz, Max: 3400 MHz
              4 CPUs : 1 package(s) x 4 core(s)

              1 Reply Last reply Reply Quote 0
              • manjotscM
                manjotsc @PiBa
                last edited by

                @PiBa Annotation 2020-03-13 232839.png

                Vendor: HP
                Version: P01 Ver. 02.50
                Release Date: Wed Jul 17 2024
                Boot Method: UEFI
                24.11-RELEASE (amd64)
                FreeBSD 15.0-CURRENT
                CPU Type: Intel(R) Core(TM) i5-7500 CPU @ 3.40GHz
                Current: 3606 MHz, Max: 3400 MHz
                4 CPUs : 1 package(s) x 4 core(s)

                1 Reply Last reply Reply Quote 0
                • manjotscM
                  manjotsc
                  last edited by manjotsc

                  @Derelict @PiBa I am getting connection refused for auth.manjot.net, I remove port forward for virtalmin server, I added a rule for 443 for firewall (pfsense) on wan side to use haproxy instead.

                  # Automaticaly generated, dont edit manually.
# Generated on: 2020-03-14 00:02
global
	maxconn			1000
	stats socket /tmp/haproxy.socket level admin 
	uid			80
	gid			80
	nbproc			1
	hard-stop-after		15m
	chroot				/tmp/haproxy_chroot
	daemon
	tune.ssl.default-dh-param	2048
	server-state-file /tmp/haproxy_server_state

listen HAProxyLocalStats
	bind 127.0.0.1:2200 name localstats
	mode http
	stats enable
	stats admin if TRUE
	stats show-legends
	stats uri /haproxy/haproxy_stats.php?haproxystats=1
	timeout client 5000
	timeout connect 5000
	timeout server 5000

frontend FrontEndProxy
	bind			147.253.151.155:443 name 147.253.151.155:443   ssl crt-list /var/etc/haproxy/FrontEndProxy.crt_list  
	mode			http
	log			global
	option			http-keep-alive
	timeout client		30000
	acl			auth	var(txn.txnhost) -m str -i auth.manjot.net
	acl			aclcrt_FrontEndProxy	var(txn.txnhost) -m reg -i ^([^\.]*)\.manjot\.net(:([0-9]){1,5})?$
	acl			aclcrt_FrontEndProxy	var(txn.txnhost) -m reg -i ^manjot\.net(:([0-9]){1,5})?$
	acl			aclcrt_FrontEndProxy	var(txn.txnhost) -m reg -i ^auth\.manjot\.net(:([0-9]){1,5})?$
	acl			aclcrt_FrontEndProxy	var(txn.txnhost) -m reg -i ^www\.auth\.manjot\.net(:([0-9]){1,5})?$
	http-request set-var(txn.txnhost) hdr(host)
	use_backend Auth_ipvANY  if  auth aclcrt_FrontEndProxy

backend Auth_ipvANY
	mode			http
	id			102
	log			global
	timeout connect		30000
	timeout server		30000
	retries			3
	option			httpchk OPTIONS / 
	server			auth 192.168.40.73:443 id 103 ssl check inter 1000  verify none crt /var/etc/haproxy/server_clientcert_5d2d8e0f67246.pem

                  Annotation 2020-03-14 001010.png

                  ----------------- 204.48.94.205 is my data plan public ip
                  When I try to visit auth.manjot.net in firewall it's hitting all ip address.

                  Annotation 2020-03-14 001304.png

                  Vendor: HP
                  Version: P01 Ver. 02.50
                  Release Date: Wed Jul 17 2024
                  Boot Method: UEFI
                  24.11-RELEASE (amd64)
                  FreeBSD 15.0-CURRENT
                  CPU Type: Intel(R) Core(TM) i5-7500 CPU @ 3.40GHz
                  Current: 3606 MHz, Max: 3400 MHz
                  4 CPUs : 1 package(s) x 4 core(s)

                  P 1 Reply Last reply Reply Quote 0
                  • P
                    PiBa @manjotsc
                    last edited by

                    @manjotsc
                    Looks to me like you still have a NAT rule in place that takes the traffic? And haproxy stats show that its FrontEndProxy has handled 0 sessions total (since it started.). So it is not receiving any traffic yet..

                    manjotscM 1 Reply Last reply Reply Quote 0
                    • manjotscM
                      manjotsc @PiBa
                      last edited by

                      @PiBa where can I locate that nat rule.

                      Vendor: HP
                      Version: P01 Ver. 02.50
                      Release Date: Wed Jul 17 2024
                      Boot Method: UEFI
                      24.11-RELEASE (amd64)
                      FreeBSD 15.0-CURRENT
                      CPU Type: Intel(R) Core(TM) i5-7500 CPU @ 3.40GHz
                      Current: 3606 MHz, Max: 3400 MHz
                      4 CPUs : 1 package(s) x 4 core(s)

                      P 1 Reply Last reply Reply Quote 0
                      • P
                        PiBa @manjotsc
                        last edited by

                        @manjotsc
                        in the menu: firewall/nat/portforward ?

                        manjotscM 1 Reply Last reply Reply Quote 0
                        • manjotscM
                          manjotsc @PiBa
                          last edited by

                          @PiBa Here's what I got

                          Screenshot_2020-03-15 pfSense manjot net - Firewall NAT Port Forward.png

                          Vendor: HP
                          Version: P01 Ver. 02.50
                          Release Date: Wed Jul 17 2024
                          Boot Method: UEFI
                          24.11-RELEASE (amd64)
                          FreeBSD 15.0-CURRENT
                          CPU Type: Intel(R) Core(TM) i5-7500 CPU @ 3.40GHz
                          Current: 3606 MHz, Max: 3400 MHz
                          4 CPUs : 1 package(s) x 4 core(s)

                          P 1 Reply Last reply Reply Quote 0
                          • P
                            PiBa @manjotsc
                            last edited by

                            @manjotsc
                            Not sure if any of those port-alias's contain 443 also. But it seems to look alright. If this is indeed the 'active' ruleset.

                            manjotscM 1 Reply Last reply Reply Quote 0
                            • manjotscM
                              manjotsc @PiBa
                              last edited by

                              @PiBa port-alias don't contain 443, but still not working..

                              Vendor: HP
                              Version: P01 Ver. 02.50
                              Release Date: Wed Jul 17 2024
                              Boot Method: UEFI
                              24.11-RELEASE (amd64)
                              FreeBSD 15.0-CURRENT
                              CPU Type: Intel(R) Core(TM) i5-7500 CPU @ 3.40GHz
                              Current: 3606 MHz, Max: 3400 MHz
                              4 CPUs : 1 package(s) x 4 core(s)

                              P 1 Reply Last reply Reply Quote 0
                              • P
                                PiBa @manjotsc
                                last edited by

                                @manjotsc can you run the command on ssh: pfctl -sn and show the output?

                                manjotscM 1 Reply Last reply Reply Quote 0
                                • manjotscM
                                  manjotsc @PiBa
                                  last edited by manjotsc

                                  @PiBa

                                  no nat proto carp all
nat-anchor "natearly/*" all
nat-anchor "natrules/*" all
nat on igb0 inet from <PlayStation> to any -> 147.253.151.155 port 1024:65535
nat on igb0 inet from 127.0.0.0/8 to any port = isakmp -> 147.253.151.155 static-port
nat on igb0 inet from 127.0.0.0/8 to any -> 147.253.151.155 port 1024:65535
nat on igb0 inet from <tonatsubnets> to any port = isakmp -> 147.253.151.155 static-port
nat on igb0 inet6 from <tonatsubnets> to any port = isakmp -> (igb0) round-robin static-port
nat on igb0 inet from <tonatsubnets> to any -> 147.253.151.155 port 1024:65535
nat on igb0 inet6 from <tonatsubnets> to any -> (igb0) port 1024:65535 round-robin
no nat on igb1 inet proto tcp from (igb1) to 192.168.40.4 port = 8385
no nat on igb1 inet proto tcp from (igb1) to 192.168.40.4 port = 8022
no nat on igb1 inet proto tcp from (igb1) to 192.168.40.4 port = 8027
no nat on igb1 inet proto tcp from (igb1) to 192.168.40.4 port = 8384
no nat on igb1 inet proto tcp from (igb1) to 192.168.40.4 port = 8383
no nat on igb1 inet proto udp from (igb1) to 192.168.40.4 port = 8385
no nat on igb1 inet proto udp from (igb1) to 192.168.40.4 port = 8022
no nat on igb1 inet proto udp from (igb1) to 192.168.40.4 port = 8027
no nat on igb1 inet proto udp from (igb1) to 192.168.40.4 port = 8384
no nat on igb1 inet proto udp from (igb1) to 192.168.40.4 port = 8383
nat on igb1 inet proto tcp from 192.168.40.0/24 to 192.168.40.4 port = 8385 -> 192.168.40.1 port 1024:65535
nat on igb1 inet proto tcp from 192.168.40.0/24 to 192.168.40.4 port = 8022 -> 192.168.40.1 port 1024:65535
nat on igb1 inet proto tcp from 192.168.40.0/24 to 192.168.40.4 port = 8027 -> 192.168.40.1 port 1024:65535
nat on igb1 inet proto tcp from 192.168.40.0/24 to 192.168.40.4 port = 8384 -> 192.168.40.1 port 1024:65535
nat on igb1 inet proto tcp from 192.168.40.0/24 to 192.168.40.4 port = 8383 -> 192.168.40.1 port 1024:65535
nat on igb1 inet proto udp from 192.168.40.0/24 to 192.168.40.4 port = 8385 -> 192.168.40.1 port 1024:65535
nat on igb1 inet proto udp from 192.168.40.0/24 to 192.168.40.4 port = 8022 -> 192.168.40.1 port 1024:65535
nat on igb1 inet proto udp from 192.168.40.0/24 to 192.168.40.4 port = 8027 -> 192.168.40.1 port 1024:65535
nat on igb1 inet proto udp from 192.168.40.0/24 to 192.168.40.4 port = 8384 -> 192.168.40.1 port 1024:65535
nat on igb1 inet proto udp from 192.168.40.0/24 to 192.168.40.4 port = 8383 -> 192.168.40.1 port 1024:65535
no nat on igb1 inet proto tcp from (igb1) to 192.168.40.2 port = 4075
nat on igb1 inet proto tcp from 192.168.40.0/24 to 192.168.40.2 port = 4075 -> 192.168.40.1 port 1024:65535
no nat on igb1 inet proto tcp from (igb1) to 192.168.40.3 port = 10823
nat on igb1 inet proto tcp from 192.168.40.0/24 to 192.168.40.3 port = 10823 -> 192.168.40.1 port 1024:65535
no nat on igb1 inet proto udp from (igb1) to 192.168.40.3 port = 10823
nat on igb1 inet proto udp from 192.168.40.0/24 to 192.168.40.3 port = 10823 -> 192.168.40.1 port 1024:65535
no nat on igb1 inet proto udp from (igb1) to 192.168.40.3 port = 27017
nat on igb1 inet proto udp from 192.168.40.0/24 to 192.168.40.3 port = 27017 -> 192.168.40.1 port 1024:65535
no nat on igb1 inet proto udp from (igb1) to 192.168.40.42 port = 3658
no nat on igb1 inet proto udp from (igb1) to 192.168.40.42 port = 3659
no nat on igb1 inet proto udp from (igb1) to 192.168.40.42 port = 3660
no nat on igb1 inet proto udp from (igb1) to 192.168.40.42 port = 3661
no nat on igb1 inet proto udp from (igb1) to 192.168.40.42 port = 3662
no nat on igb1 inet proto udp from (igb1) to 192.168.40.42 port = 3663
no nat on igb1 inet proto udp from (igb1) to 192.168.40.42 port = 3664
no nat on igb1 inet proto udp from (igb1) to 192.168.40.42 port = 3665
no nat on igb1 inet proto udp from (igb1) to 192.168.40.42 port = 3667
no nat on igb1 inet proto udp from (igb1) to 192.168.40.42 port = x11
no nat on igb1 inet proto udp from (igb1) to 192.168.40.42 port = x11-ssh
no nat on igb1 inet proto udp from (igb1) to 192.168.40.42 port = afs3-fileserver
no nat on igb1 inet proto udp from (igb1) to 192.168.40.42 port = 6180
nat on igb1 inet proto udp from 192.168.40.0/24 to 192.168.40.42 port = 3658 -> 192.168.40.1 port 1024:65535
nat on igb1 inet proto udp from 192.168.40.0/24 to 192.168.40.42 port = 3659 -> 192.168.40.1 port 1024:65535
nat on igb1 inet proto udp from 192.168.40.0/24 to 192.168.40.42 port = 3660 -> 192.168.40.1 port 1024:65535
nat on igb1 inet proto udp from 192.168.40.0/24 to 192.168.40.42 port = 3661 -> 192.168.40.1 port 1024:65535
nat on igb1 inet proto udp from 192.168.40.0/24 to 192.168.40.42 port = 3662 -> 192.168.40.1 port 1024:65535
nat on igb1 inet proto udp from 192.168.40.0/24 to 192.168.40.42 port = 3663 -> 192.168.40.1 port 1024:65535
nat on igb1 inet proto udp from 192.168.40.0/24 to 192.168.40.42 port = 3664 -> 192.168.40.1 port 1024:65535
nat on igb1 inet proto udp from 192.168.40.0/24 to 192.168.40.42 port = 3665 -> 192.168.40.1 port 1024:65535
nat on igb1 inet proto udp from 192.168.40.0/24 to 192.168.40.42 port = 3667 -> 192.168.40.1 port 1024:65535
nat on igb1 inet proto udp from 192.168.40.0/24 to 192.168.40.42 port = x11 -> 192.168.40.1 port 1024:65535
nat on igb1 inet proto udp from 192.168.40.0/24 to 192.168.40.42 port = x11-ssh -> 192.168.40.1 port 1024:65535
nat on igb1 inet proto udp from 192.168.40.0/24 to 192.168.40.42 port = afs3-fileserver -> 192.168.40.1 port 1024:65535
nat on igb1 inet proto udp from 192.168.40.0/24 to 192.168.40.42 port = 6180 -> 192.168.40.1 port 1024:65535
no nat on igb1 inet proto tcp from (igb1) to 192.168.40.3 port = http
no nat on igb1 inet proto tcp from (igb1) to 192.168.40.3 port = https
no nat on igb1 inet proto tcp from (igb1) to 192.168.40.3 port = 13000
no nat on igb1 inet proto tcp from (igb1) to 192.168.40.3 port = 13005
no nat on igb1 inet proto tcp from (igb1) to 192.168.40.3 port = 13200
no nat on igb1 inet proto tcp from (igb1) to 192.168.40.3 port = 14000
no nat on igb1 inet proto tcp from (igb1) to 192.168.40.3 port = sua
no nat on igb1 inet proto tcp from (igb1) to 192.168.40.3 port = 14008
no nat on igb1 inet proto tcp from (igb1) to 192.168.40.3 port = 14020
no nat on igb1 inet proto tcp from (igb1) to 192.168.40.3 port = 14021
no nat on igb1 inet proto tcp from (igb1) to 192.168.40.3 port = 14022
no nat on igb1 inet proto tcp from (igb1) to 192.168.40.3 port = 14023
no nat on igb1 inet proto tcp from (igb1) to 192.168.40.3 port = 14024
nat on igb1 inet proto tcp from 192.168.40.0/24 to 192.168.40.3 port = http -> 192.168.40.1 port 1024:65535
nat on igb1 inet proto tcp from 192.168.40.0/24 to 192.168.40.3 port = https -> 192.168.40.1 port 1024:65535
nat on igb1 inet proto tcp from 192.168.40.0/24 to 192.168.40.3 port = 13000 -> 192.168.40.1 port 1024:65535
nat on igb1 inet proto tcp from 192.168.40.0/24 to 192.168.40.3 port = 13005 -> 192.168.40.1 port 1024:65535
nat on igb1 inet proto tcp from 192.168.40.0/24 to 192.168.40.3 port = 13200 -> 192.168.40.1 port 1024:65535
nat on igb1 inet proto tcp from 192.168.40.0/24 to 192.168.40.3 port = 14000 -> 192.168.40.1 port 1024:65535
nat on igb1 inet proto tcp from 192.168.40.0/24 to 192.168.40.3 port = sua -> 192.168.40.1 port 1024:65535
nat on igb1 inet proto tcp from 192.168.40.0/24 to 192.168.40.3 port = 14008 -> 192.168.40.1 port 1024:65535
nat on igb1 inet proto tcp from 192.168.40.0/24 to 192.168.40.3 port = 14020 -> 192.168.40.1 port 1024:65535
nat on igb1 inet proto tcp from 192.168.40.0/24 to 192.168.40.3 port = 14021 -> 192.168.40.1 port 1024:65535
nat on igb1 inet proto tcp from 192.168.40.0/24 to 192.168.40.3 port = 14022 -> 192.168.40.1 port 1024:65535
nat on igb1 inet proto tcp from 192.168.40.0/24 to 192.168.40.3 port = 14023 -> 192.168.40.1 port 1024:65535
nat on igb1 inet proto tcp from 192.168.40.0/24 to 192.168.40.3 port = 14024 -> 192.168.40.1 port 1024:65535
no nat on igb1 inet proto udp from (igb1) to 192.168.40.3 port = 3075
nat on igb1 inet proto udp from 192.168.40.0/24 to 192.168.40.3 port = 3075 -> 192.168.40.1 port 1024:65535
no nat on igb1 inet proto tcp from (igb1) to 192.168.40.87 port = 9999
nat on igb1 inet proto tcp from 192.168.40.0/24 to 192.168.40.87 port = 9999 -> 192.168.40.1 port 1024:65535
no nat on igb1 inet proto tcp from (igb1) to 192.168.40.87 port = 9998
nat on igb1 inet proto tcp from 192.168.40.0/24 to 192.168.40.87 port = 9998 -> 192.168.40.1 port 1024:65535
no rdr proto carp all
rdr-anchor "relayd/*" all
rdr-anchor "tftp-proxy/*" all
rdr on igb0 inet proto tcp from any to 147.253.151.155 port = 8385 -> 192.168.40.4
rdr on igb0 inet proto tcp from any to 147.253.151.155 port = 8022 -> 192.168.40.4
rdr on igb0 inet proto tcp from any to 147.253.151.155 port = 8027 -> 192.168.40.4
rdr on igb0 inet proto tcp from any to 147.253.151.155 port = 8384 -> 192.168.40.4
rdr on igb0 inet proto tcp from any to 147.253.151.155 port = 8383 -> 192.168.40.4
rdr on igb0 inet proto udp from any to 147.253.151.155 port = 8385 -> 192.168.40.4
rdr on igb0 inet proto udp from any to 147.253.151.155 port = 8022 -> 192.168.40.4
rdr on igb0 inet proto udp from any to 147.253.151.155 port = 8027 -> 192.168.40.4
rdr on igb0 inet proto udp from any to 147.253.151.155 port = 8384 -> 192.168.40.4
rdr on igb0 inet proto udp from any to 147.253.151.155 port = 8383 -> 192.168.40.4
rdr on igb1 inet proto tcp from any to 147.253.151.155 port = 8385 -> 192.168.40.4
rdr on igb1 inet proto tcp from any to 147.253.151.155 port = 8022 -> 192.168.40.4
rdr on igb1 inet proto tcp from any to 147.253.151.155 port = 8027 -> 192.168.40.4
rdr on igb1 inet proto tcp from any to 147.253.151.155 port = 8384 -> 192.168.40.4
rdr on igb1 inet proto tcp from any to 147.253.151.155 port = 8383 -> 192.168.40.4
rdr on igb1 inet proto udp from any to 147.253.151.155 port = 8385 -> 192.168.40.4
rdr on igb1 inet proto udp from any to 147.253.151.155 port = 8022 -> 192.168.40.4
rdr on igb1 inet proto udp from any to 147.253.151.155 port = 8027 -> 192.168.40.4
rdr on igb1 inet proto udp from any to 147.253.151.155 port = 8384 -> 192.168.40.4
rdr on igb1 inet proto udp from any to 147.253.151.155 port = 8383 -> 192.168.40.4
rdr on igb2 inet proto tcp from any to 147.253.151.155 port = 8385 -> 192.168.40.4
rdr on igb2 inet proto tcp from any to 147.253.151.155 port = 8022 -> 192.168.40.4
rdr on igb2 inet proto tcp from any to 147.253.151.155 port = 8027 -> 192.168.40.4
rdr on igb2 inet proto tcp from any to 147.253.151.155 port = 8384 -> 192.168.40.4
rdr on igb2 inet proto tcp from any to 147.253.151.155 port = 8383 -> 192.168.40.4
rdr on igb2 inet proto udp from any to 147.253.151.155 port = 8385 -> 192.168.40.4
rdr on igb2 inet proto udp from any to 147.253.151.155 port = 8022 -> 192.168.40.4
rdr on igb2 inet proto udp from any to 147.253.151.155 port = 8027 -> 192.168.40.4
rdr on igb2 inet proto udp from any to 147.253.151.155 port = 8384 -> 192.168.40.4
rdr on igb2 inet proto udp from any to 147.253.151.155 port = 8383 -> 192.168.40.4

                                  Vendor: HP
                                  Version: P01 Ver. 02.50
                                  Release Date: Wed Jul 17 2024
                                  Boot Method: UEFI
                                  24.11-RELEASE (amd64)
                                  FreeBSD 15.0-CURRENT
                                  CPU Type: Intel(R) Core(TM) i5-7500 CPU @ 3.40GHz
                                  Current: 3606 MHz, Max: 3400 MHz
                                  4 CPUs : 1 package(s) x 4 core(s)

                                  manjotscM 1 Reply Last reply Reply Quote 0
                                  • manjotscM
                                    manjotsc @manjotsc
                                    last edited by manjotsc

                                    @manjotsc

                                    rdr on igb1.14 inet proto tcp from any to 147.253.151.155 port = 8385 -> 192.168.40.4
rdr on igb1.14 inet proto tcp from any to 147.253.151.155 port = 8022 -> 192.168.40.4
rdr on igb1.14 inet proto tcp from any to 147.253.151.155 port = 8027 -> 192.168.40.4
rdr on igb1.14 inet proto tcp from any to 147.253.151.155 port = 8384 -> 192.168.40.4
rdr on igb1.14 inet proto tcp from any to 147.253.151.155 port = 8383 -> 192.168.40.4
rdr on igb1.14 inet proto udp from any to 147.253.151.155 port = 8385 -> 192.168.40.4
rdr on igb1.14 inet proto udp from any to 147.253.151.155 port = 8022 -> 192.168.40.4
rdr on igb1.14 inet proto udp from any to 147.253.151.155 port = 8027 -> 192.168.40.4
rdr on igb1.14 inet proto udp from any to 147.253.151.155 port = 8384 -> 192.168.40.4
rdr on igb1.14 inet proto udp from any to 147.253.151.155 port = 8383 -> 192.168.40.4
rdr on openvpn inet proto tcp from any to 147.253.151.155 port = 8385 -> 192.168.40.4
rdr on openvpn inet proto tcp from any to 147.253.151.155 port = 8022 -> 192.168.40.4
rdr on openvpn inet proto tcp from any to 147.253.151.155 port = 8027 -> 192.168.40.4
rdr on openvpn inet proto tcp from any to 147.253.151.155 port = 8384 -> 192.168.40.4
rdr on openvpn inet proto tcp from any to 147.253.151.155 port = 8383 -> 192.168.40.4
rdr on openvpn inet proto udp from any to 147.253.151.155 port = 8385 -> 192.168.40.4
rdr on openvpn inet proto udp from any to 147.253.151.155 port = 8022 -> 192.168.40.4
rdr on openvpn inet proto udp from any to 147.253.151.155 port = 8027 -> 192.168.40.4
rdr on openvpn inet proto udp from any to 147.253.151.155 port = 8384 -> 192.168.40.4
rdr on openvpn inet proto udp from any to 147.253.151.155 port = 8383 -> 192.168.40.4
rdr on igb0 inet proto udp from any to 147.253.151.155 port = 3658 -> <PlayStation> round-robin
rdr on igb0 inet proto udp from any to 147.253.151.155 port 4000:4050 -> <PlayStation> round-robin
rdr on igb0 inet proto udp from any to 147.253.151.155 port = 9103 -> <PlayStation> round-robin
rdr on igb1 inet proto udp from any to 147.253.151.155 port = 3658 -> <PlayStation> round-robin
rdr on igb1 inet proto udp from any to 147.253.151.155 port 4000:4050 -> <PlayStation> round-robin
rdr on igb1 inet proto udp from any to 147.253.151.155 port = 9103 -> <PlayStation> round-robin
rdr on igb2 inet proto udp from any to 147.253.151.155 port = 3658 -> <PlayStation> round-robin
rdr on igb2 inet proto udp from any to 147.253.151.155 port 4000:4050 -> <PlayStation> round-robin
rdr on igb2 inet proto udp from any to 147.253.151.155 port = 9103 -> <PlayStation> round-robin
rdr on igb1.14 inet proto udp from any to 147.253.151.155 port = 3658 -> <PlayStation> round-robin
rdr on igb1.14 inet proto udp from any to 147.253.151.155 port 4000:4050 -> <PlayStation> round-robin
rdr on igb1.14 inet proto udp from any to 147.253.151.155 port = 9103 -> <PlayStation> round-robin
rdr on openvpn inet proto udp from any to 147.253.151.155 port = 3658 -> <PlayStation> round-robin
rdr on openvpn inet proto udp from any to 147.253.151.155 port 4000:4050 -> <PlayStation> round-robin
rdr on openvpn inet proto udp from any to 147.253.151.155 port = 9103 -> <PlayStation> round-robin
rdr on igb0 inet proto tcp from any to 147.253.151.155 port = http -> <PlayStation> round-robin
rdr on igb0 inet proto tcp from any to 147.253.151.155 port = https -> <PlayStation> round-robin
rdr on igb1 inet proto tcp from any to 147.253.151.155 port = http -> <PlayStation> round-robin
rdr on igb1 inet proto tcp from any to 147.253.151.155 port = https -> <PlayStation> round-robin
rdr on igb2 inet proto tcp from any to 147.253.151.155 port = http -> <PlayStation> round-robin
rdr on igb2 inet proto tcp from any to 147.253.151.155 port = https -> <PlayStation> round-robin
rdr on igb1.14 inet proto tcp from any to 147.253.151.155 port = http -> <PlayStation> round-robin
rdr on igb1.14 inet proto tcp from any to 147.253.151.155 port = https -> <PlayStation> round-robin
rdr on openvpn inet proto tcp from any to 147.253.151.155 port = http -> <PlayStation> round-robin
rdr on openvpn inet proto tcp from any to 147.253.151.155 port = https -> <PlayStation> round-robin
rdr on igb0 inet proto tcp from any to 147.253.151.155 port = 4075 -> 192.168.40.2
rdr on igb1 inet proto tcp from any to 147.253.151.155 port = 4075 -> 192.168.40.2
rdr on igb2 inet proto tcp from any to 147.253.151.155 port = 4075 -> 192.168.40.2
rdr on igb1.14 inet proto tcp from any to 147.253.151.155 port = 4075 -> 192.168.40.2
rdr on openvpn inet proto tcp from any to 147.253.151.155 port = 4075 -> 192.168.40.2
rdr on igb0 inet proto tcp from any to 147.253.151.155 port = 10823 -> 192.168.40.3
rdr on igb1 inet proto tcp from any to 147.253.151.155 port = 10823 -> 192.168.40.3
rdr on igb2 inet proto tcp from any to 147.253.151.155 port = 10823 -> 192.168.40.3
rdr on igb1.14 inet proto tcp from any to 147.253.151.155 port = 10823 -> 192.168.40.3
rdr on openvpn inet proto tcp from any to 147.253.151.155 port = 10823 -> 192.168.40.3
rdr on igb0 inet proto udp from any to 147.253.151.155 port = 10823 -> 192.168.40.3
rdr on igb1 inet proto udp from any to 147.253.151.155 port = 10823 -> 192.168.40.3
rdr on igb2 inet proto udp from any to 147.253.151.155 port = 10823 -> 192.168.40.3
rdr on igb1.14 inet proto udp from any to 147.253.151.155 port = 10823 -> 192.168.40.3
rdr on openvpn inet proto udp from any to 147.253.151.155 port = 10823 -> 192.168.40.3
rdr on igb0 inet proto udp from any to 147.253.151.155 port = 3074 -> <PlayStation> round-robin
rdr on igb1 inet proto udp from any to 147.253.151.155 port = 3074 -> <PlayStation> round-robin
rdr on igb2 inet proto udp from any to 147.253.151.155 port = 3074 -> <PlayStation> round-robin
rdr on igb1.14 inet proto udp from any to 147.253.151.155 port = 3074 -> <PlayStation> round-robin
rdr on openvpn inet proto udp from any to 147.253.151.155 port = 3074 -> <PlayStation> round-robin
rdr on igb0 inet proto udp from any to 147.253.151.155 port = 27017 -> 192.168.40.3
rdr on igb1 inet proto udp from any to 147.253.151.155 port = 27017 -> 192.168.40.3
rdr on igb2 inet proto udp from any to 147.253.151.155 port = 27017 -> 192.168.40.3
rdr on igb1.14 inet proto udp from any to 147.253.151.155 port = 27017 -> 192.168.40.3
rdr on openvpn inet proto udp from any to 147.253.151.155 port = 27017 -> 192.168.40.3
rdr on igb0 proto tcp from any to any port = http -> <PlayStation> round-robin
rdr on igb0 proto tcp from any to any port = https -> <PlayStation> round-robin
rdr on igb0 proto tcp from any to any port = 1935 -> <PlayStation> round-robin
rdr on igb0 proto tcp from any to any port = 3478 -> <PlayStation> round-robin
rdr on igb0 proto tcp from any to any port = 3480 -> <PlayStation> round-robin
rdr on igb0 proto tcp from any to any port = 3479 -> <PlayStation> round-robin
rdr on igb1 inet proto tcp from any to 147.253.151.128/25 port = http -> <PlayStation> round-robin
rdr on igb1 inet proto tcp from any to 147.253.151.128/25 port = https -> <PlayStation> round-robin
rdr on igb1 inet proto tcp from any to 147.253.151.128/25 port = 1935 -> <PlayStation> round-robin
rdr on igb1 inet proto tcp from any to 147.253.151.128/25 port = 3478 -> <PlayStation> round-robin
rdr on igb1 inet proto tcp from any to 147.253.151.128/25 port = 3480 -> <PlayStation> round-robin
rdr on igb1 inet proto tcp from any to 147.253.151.128/25 port = 3479 -> <PlayStation> round-robin
rdr on igb2 inet proto tcp from any to 147.253.151.128/25 port = http -> <PlayStation> round-robin
rdr on igb2 inet proto tcp from any to 147.253.151.128/25 port = https -> <PlayStation> round-robin
rdr on igb2 inet proto tcp from any to 147.253.151.128/25 port = 1935 -> <PlayStation> round-robin
rdr on igb2 inet proto tcp from any to 147.253.151.128/25 port = 3478 -> <PlayStation> round-robin
rdr on igb2 inet proto tcp from any to 147.253.151.128/25 port = 3480 -> <PlayStation> round-robin
rdr on igb2 inet proto tcp from any to 147.253.151.128/25 port = 3479 -> <PlayStation> round-robin
rdr on igb1.14 inet proto tcp from any to 147.253.151.128/25 port = http -> <PlayStation> round-robin
rdr on igb1.14 inet proto tcp from any to 147.253.151.128/25 port = https -> <PlayStation> round-robin
rdr on igb1.14 inet proto tcp from any to 147.253.151.128/25 port = 1935 -> <PlayStation> round-robin
rdr on igb1.14 inet proto tcp from any to 147.253.151.128/25 port = 3478 -> <PlayStation> round-robin
rdr on igb1.14 inet proto tcp from any to 147.253.151.128/25 port = 3480 -> <PlayStation> round-robin
rdr on igb1.14 inet proto tcp from any to 147.253.151.128/25 port = 3479 -> <PlayStation> round-robin
rdr on openvpn inet proto tcp from any to 147.253.151.128/25 port = http -> <PlayStation> round-robin
rdr on openvpn inet proto tcp from any to 147.253.151.128/25 port = https -> <PlayStation> round-robin
rdr on openvpn inet proto tcp from any to 147.253.151.128/25 port = 1935 -> <PlayStation> round-robin
rdr on openvpn inet proto tcp from any to 147.253.151.128/25 port = 3478 -> <PlayStation> round-robin
rdr on openvpn inet proto tcp from any to 147.253.151.128/25 port = 3480 -> <PlayStation> round-robin
rdr on openvpn inet proto tcp from any to 147.253.151.128/25 port = 3479 -> <PlayStation> round-robin
rdr on igb0 proto udp from any to any port = 3478 -> <PlayStation> round-robin
rdr on igb0 proto udp from any to any port = 3479 -> <PlayStation> round-robin
rdr on igb1 inet proto udp from any to 147.253.151.128/25 port = 3478 -> <PlayStation> round-robin
rdr on igb1 inet proto udp from any to 147.253.151.128/25 port = 3479 -> <PlayStation> round-robin
rdr on igb2 inet proto udp from any to 147.253.151.128/25 port = 3478 -> <PlayStation> round-robin
rdr on igb2 inet proto udp from any to 147.253.151.128/25 port = 3479 -> <PlayStation> round-robin
rdr on igb1.14 inet proto udp from any to 147.253.151.128/25 port = 3478 -> <PlayStation> round-robin
rdr on igb1.14 inet proto udp from any to 147.253.151.128/25 port = 3479 -> <PlayStation> round-robin
rdr on openvpn inet proto udp from any to 147.253.151.128/25 port = 3478 -> <PlayStation> round-robin
rdr on openvpn inet proto udp from any to 147.253.151.128/25 port = 3479 -> <PlayStation> round-robin
rdr on igb0 inet proto udp from any to 147.253.151.155 port = 3658 -> 192.168.40.42
rdr on igb0 inet proto udp from any to 147.253.151.155 port = 3659 -> 192.168.40.42
rdr on igb0 inet proto udp from any to 147.253.151.155 port = 3660 -> 192.168.40.42
rdr on igb0 inet proto udp from any to 147.253.151.155 port = 3661 -> 192.168.40.42
rdr on igb0 inet proto udp from any to 147.253.151.155 port = 3662 -> 192.168.40.42
rdr on igb0 inet proto udp from any to 147.253.151.155 port = 3663 -> 192.168.40.42
rdr on igb0 inet proto udp from any to 147.253.151.155 port = 3664 -> 192.168.40.42
rdr on igb0 inet proto udp from any to 147.253.151.155 port = 3665 -> 192.168.40.42
rdr on igb0 inet proto udp from any to 147.253.151.155 port = 3667 -> 192.168.40.42
rdr on igb0 inet proto udp from any to 147.253.151.155 port = x11 -> 192.168.40.42
rdr on igb0 inet proto udp from any to 147.253.151.155 port = x11-ssh -> 192.168.40.42
rdr on igb0 inet proto udp from any to 147.253.151.155 port = afs3-fileserver -> 192.168.40.42
rdr on igb0 inet proto udp from any to 147.253.151.155 port = 6180 -> 192.168.40.42
rdr on igb1 inet proto udp from any to 147.253.151.155 port = 3658 -> 192.168.40.42
rdr on igb1 inet proto udp from any to 147.253.151.155 port = 3659 -> 192.168.40.42
rdr on igb1 inet proto udp from any to 147.253.151.155 port = 3660 -> 192.168.40.42
rdr on igb1 inet proto udp from any to 147.253.151.155 port = 3661 -> 192.168.40.42
rdr on igb1 inet proto udp from any to 147.253.151.155 port = 3662 -> 192.168.40.42
rdr on igb1 inet proto udp from any to 147.253.151.155 port = 3663 -> 192.168.40.42
rdr on igb1 inet proto udp from any to 147.253.151.155 port = 3664 -> 192.168.40.42
rdr on igb1 inet proto udp from any to 147.253.151.155 port = 3665 -> 192.168.40.42
rdr on igb1 inet proto udp from any to 147.253.151.155 port = 3667 -> 192.168.40.42
rdr on igb1 inet proto udp from any to 147.253.151.155 port = x11 -> 192.168.40.42
rdr on igb1 inet proto udp from any to 147.253.151.155 port = x11-ssh -> 192.168.40.42
rdr on igb1 inet proto udp from any to 147.253.151.155 port = afs3-fileserver -> 192.168.40.42
rdr on igb1 inet proto udp from any to 147.253.151.155 port = 6180 -> 192.168.40.42
rdr on igb2 inet proto udp from any to 147.253.151.155 port = 3658 -> 192.168.40.42
rdr on igb2 inet proto udp from any to 147.253.151.155 port = 3659 -> 192.168.40.42
rdr on igb2 inet proto udp from any to 147.253.151.155 port = 3660 -> 192.168.40.42
rdr on igb2 inet proto udp from any to 147.253.151.155 port = 3661 -> 192.168.40.42
rdr on igb2 inet proto udp from any to 147.253.151.155 port = 3662 -> 192.168.40.42
rdr on igb2 inet proto udp from any to 147.253.151.155 port = 3663 -> 192.168.40.42
rdr on igb2 inet proto udp from any to 147.253.151.155 port = 3664 -> 192.168.40.42
rdr on igb2 inet proto udp from any to 147.253.151.155 port = 3665 -> 192.168.40.42
rdr on igb2 inet proto udp from any to 147.253.151.155 port = 3667 -> 192.168.40.42
rdr on igb2 inet proto udp from any to 147.253.151.155 port = x11 -> 192.168.40.42
rdr on igb2 inet proto udp from any to 147.253.151.155 port = x11-ssh -> 192.168.40.42
rdr on igb2 inet proto udp from any to 147.253.151.155 port = afs3-fileserver -> 192.168.40.42
rdr on igb2 inet proto udp from any to 147.253.151.155 port = 6180 -> 192.168.40.42
rdr on igb1.14 inet proto udp from any to 147.253.151.155 port = 3658 -> 192.168.40.42
rdr on igb1.14 inet proto udp from any to 147.253.151.155 port = 3659 -> 192.168.40.42
rdr on igb1.14 inet proto udp from any to 147.253.151.155 port = 3660 -> 192.168.40.42
rdr on igb1.14 inet proto udp from any to 147.253.151.155 port = 3661 -> 192.168.40.42
rdr on igb1.14 inet proto udp from any to 147.253.151.155 port = 3662 -> 192.168.40.42
rdr on igb1.14 inet proto udp from any to 147.253.151.155 port = 3663 -> 192.168.40.42
rdr on igb1.14 inet proto udp from any to 147.253.151.155 port = 3664 -> 192.168.40.42
rdr on igb1.14 inet proto udp from any to 147.253.151.155 port = 3665 -> 192.168.40.42
rdr on igb1.14 inet proto udp from any to 147.253.151.155 port = 3667 -> 192.168.40.42
rdr on igb1.14 inet proto udp from any to 147.253.151.155 port = x11 -> 192.168.40.42
rdr on igb1.14 inet proto udp from any to 147.253.151.155 port = x11-ssh -> 192.168.40.42
rdr on igb1.14 inet proto udp from any to 147.253.151.155 port = afs3-fileserver -> 192.168.40.42
rdr on igb1.14 inet proto udp from any to 147.253.151.155 port = 6180 -> 192.168.40.42
rdr on openvpn inet proto udp from any to 147.253.151.155 port = 3658 -> 192.168.40.42
rdr on openvpn inet proto udp from any to 147.253.151.155 port = 3659 -> 192.168.40.42
rdr on openvpn inet proto udp from any to 147.253.151.155 port = 3660 -> 192.168.40.42
rdr on openvpn inet proto udp from any to 147.253.151.155 port = 3661 -> 192.168.40.42
rdr on openvpn inet proto udp from any to 147.253.151.155 port = 3662 -> 192.168.40.42
rdr on openvpn inet proto udp from any to 147.253.151.155 port = 3663 -> 192.168.40.42
rdr on openvpn inet proto udp from any to 147.253.151.155 port = 3664 -> 192.168.40.42
rdr on openvpn inet proto udp from any to 147.253.151.155 port = 3665 -> 192.168.40.42
rdr on openvpn inet proto udp from any to 147.253.151.155 port = 3667 -> 192.168.40.42
rdr on openvpn inet proto udp from any to 147.253.151.155 port = x11 -> 192.168.40.42
rdr on openvpn inet proto udp from any to 147.253.151.155 port = x11-ssh -> 192.168.40.42
rdr on openvpn inet proto udp from any to 147.253.151.155 port = afs3-fileserver -> 192.168.40.42
rdr on openvpn inet proto udp from any to 147.253.151.155 port = 6180 -> 192.168.40.42
rdr on igb0 inet proto tcp from any to 147.253.151.155 port = http -> 192.168.40.3
rdr on igb0 inet proto tcp from any to 147.253.151.155 port = https -> 192.168.40.3
rdr on igb0 inet proto tcp from any to 147.253.151.155 port = 13000 -> 192.168.40.3
rdr on igb0 inet proto tcp from any to 147.253.151.155 port = 13005 -> 192.168.40.3
rdr on igb0 inet proto tcp from any to 147.253.151.155 port = 13200 -> 192.168.40.3
rdr on igb0 inet proto tcp from any to 147.253.151.155 port = 14000 -> 192.168.40.3
rdr on igb0 inet proto tcp from any to 147.253.151.155 port = sua -> 192.168.40.3
rdr on igb0 inet proto tcp from any to 147.253.151.155 port = 14008 -> 192.168.40.3
rdr on igb0 inet proto tcp from any to 147.253.151.155 port = 14020 -> 192.168.40.3
rdr on igb0 inet proto tcp from any to 147.253.151.155 port = 14021 -> 192.168.40.3
rdr on igb0 inet proto tcp from any to 147.253.151.155 port = 14022 -> 192.168.40.3
rdr on igb0 inet proto tcp from any to 147.253.151.155 port = 14023 -> 192.168.40.3
rdr on igb0 inet proto tcp from any to 147.253.151.155 port = 14024 -> 192.168.40.3
rdr on igb1 inet proto tcp from any to 147.253.151.155 port = http -> 192.168.40.3
rdr on igb1 inet proto tcp from any to 147.253.151.155 port = https -> 192.168.40.3
rdr on igb1 inet proto tcp from any to 147.253.151.155 port = 13000 -> 192.168.40.3
rdr on igb1 inet proto tcp from any to 147.253.151.155 port = 13005 -> 192.168.40.3
rdr on igb1 inet proto tcp from any to 147.253.151.155 port = 13200 -> 192.168.40.3
rdr on igb1 inet proto tcp from any to 147.253.151.155 port = 14000 -> 192.168.40.3
rdr on igb1 inet proto tcp from any to 147.253.151.155 port = sua -> 192.168.40.3
rdr on igb1 inet proto tcp from any to 147.253.151.155 port = 14008 -> 192.168.40.3
rdr on igb1 inet proto tcp from any to 147.253.151.155 port = 14020 -> 192.168.40.3
rdr on igb1 inet proto tcp from any to 147.253.151.155 port = 14021 -> 192.168.40.3
rdr on igb1 inet proto tcp from any to 147.253.151.155 port = 14022 -> 192.168.40.3
rdr on igb1 inet proto tcp from any to 147.253.151.155 port = 14023 -> 192.168.40.3
rdr on igb1 inet proto tcp from any to 147.253.151.155 port = 14024 -> 192.168.40.3
rdr on igb2 inet proto tcp from any to 147.253.151.155 port = http -> 192.168.40.3
rdr on igb2 inet proto tcp from any to 147.253.151.155 port = https -> 192.168.40.3
rdr on igb2 inet proto tcp from any to 147.253.151.155 port = 13000 -> 192.168.40.3
rdr on igb2 inet proto tcp from any to 147.253.151.155 port = 13005 -> 192.168.40.3
rdr on igb2 inet proto tcp from any to 147.253.151.155 port = 13200 -> 192.168.40.3
rdr on igb2 inet proto tcp from any to 147.253.151.155 port = 14000 -> 192.168.40.3
rdr on igb2 inet proto tcp from any to 147.253.151.155 port = sua -> 192.168.40.3
rdr on igb2 inet proto tcp from any to 147.253.151.155 port = 14008 -> 192.168.40.3
rdr on igb2 inet proto tcp from any to 147.253.151.155 port = 14020 -> 192.168.40.3
rdr on igb2 inet proto tcp from any to 147.253.151.155 port = 14021 -> 192.168.40.3
rdr on igb2 inet proto tcp from any to 147.253.151.155 port = 14022 -> 192.168.40.3
rdr on igb2 inet proto tcp from any to 147.253.151.155 port = 14023 -> 192.168.40.3
rdr on igb2 inet proto tcp from any to 147.253.151.155 port = 14024 -> 192.168.40.3
rdr on igb1.14 inet proto tcp from any to 147.253.151.155 port = http -> 192.168.40.3
rdr on igb1.14 inet proto tcp from any to 147.253.151.155 port = https -> 192.168.40.3
rdr on igb1.14 inet proto tcp from any to 147.253.151.155 port = 13000 -> 192.168.40.3
rdr on igb1.14 inet proto tcp from any to 147.253.151.155 port = 13005 -> 192.168.40.3
rdr on igb1.14 inet proto tcp from any to 147.253.151.155 port = 13200 -> 192.168.40.3
rdr on igb1.14 inet proto tcp from any to 147.253.151.155 port = 14000 -> 192.168.40.3
rdr on igb1.14 inet proto tcp from any to 147.253.151.155 port = sua -> 192.168.40.3
rdr on igb1.14 inet proto tcp from any to 147.253.151.155 port = 14008 -> 192.168.40.3
rdr on igb1.14 inet proto tcp from any to 147.253.151.155 port = 14020 -> 192.168.40.3
rdr on igb1.14 inet proto tcp from any to 147.253.151.155 port = 14021 -> 192.168.40.3
rdr on igb1.14 inet proto tcp from any to 147.253.151.155 port = 14022 -> 192.168.40.3
rdr on igb1.14 inet proto tcp from any to 147.253.151.155 port = 14023 -> 192.168.40.3
rdr on igb1.14 inet proto tcp from any to 147.253.151.155 port = 14024 -> 192.168.40.3
rdr on openvpn inet proto tcp from any to 147.253.151.155 port = http -> 192.168.40.3
rdr on openvpn inet proto tcp from any to 147.253.151.155 port = https -> 192.168.40.3
rdr on openvpn inet proto tcp from any to 147.253.151.155 port = 13000 -> 192.168.40.3
rdr on openvpn inet proto tcp from any to 147.253.151.155 port = 13005 -> 192.168.40.3
rdr on openvpn inet proto tcp from any to 147.253.151.155 port = 13200 -> 192.168.40.3
rdr on openvpn inet proto tcp from any to 147.253.151.155 port = 14000 -> 192.168.40.3
rdr on openvpn inet proto tcp from any to 147.253.151.155 port = sua -> 192.168.40.3
rdr on openvpn inet proto tcp from any to 147.253.151.155 port = 14008 -> 192.168.40.3
rdr on openvpn inet proto tcp from any to 147.253.151.155 port = 14020 -> 192.168.40.3
rdr on openvpn inet proto tcp from any to 147.253.151.155 port = 14021 -> 192.168.40.3
rdr on openvpn inet proto tcp from any to 147.253.151.155 port = 14022 -> 192.168.40.3
rdr on openvpn inet proto tcp from any to 147.253.151.155 port = 14023 -> 192.168.40.3
rdr on openvpn inet proto tcp from any to 147.253.151.155 port = 14024 -> 192.168.40.3
rdr on igb0 inet proto udp from any to 147.253.151.155 port = 3075 -> 192.168.40.3
rdr on igb1 inet proto udp from any to 147.253.151.155 port = 3075 -> 192.168.40.3
rdr on igb2 inet proto udp from any to 147.253.151.155 port = 3075 -> 192.168.40.3
rdr on igb1.14 inet proto udp from any to 147.253.151.155 port = 3075 -> 192.168.40.3
rdr on openvpn inet proto udp from any to 147.253.151.155 port = 3075 -> 192.168.40.3
rdr on igb0 inet proto tcp from any to 147.253.151.155 port = 9999 -> 192.168.40.87
rdr on igb1 inet proto tcp from any to 147.253.151.155 port = 9999 -> 192.168.40.87
rdr on igb2 inet proto tcp from any to 147.253.151.155 port = 9999 -> 192.168.40.87
rdr on igb1.14 inet proto tcp from any to 147.253.151.155 port = 9999 -> 192.168.40.87
rdr on openvpn inet proto tcp from any to 147.253.151.155 port = 9999 -> 192.168.40.87
rdr on igb0 inet proto tcp from any to 147.253.151.155 port = 9998 -> 192.168.40.87
rdr on igb1 inet proto tcp from any to 147.253.151.155 port = 9998 -> 192.168.40.87
rdr on igb2 inet proto tcp from any to 147.253.151.155 port = 9998 -> 192.168.40.87
rdr on igb1.14 inet proto tcp from any to 147.253.151.155 port = 9998 -> 192.168.40.87
rdr on openvpn inet proto tcp from any to 147.253.151.155 port = 9998 -> 192.168.40.87
rdr on igb0 inet proto udp from any to 147.253.151.155 port = 40010 -> 192.168.45.1
rdr on igb1 inet proto udp from any to 147.253.151.155 port = 40010 -> 192.168.45.1
rdr on igb2 inet proto udp from any to 147.253.151.155 port = 40010 -> 192.168.45.1
rdr on igb1.14 inet proto udp from any to 147.253.151.155 port = 40010 -> 192.168.45.1
rdr on openvpn inet proto udp from any to 147.253.151.155 port = 40010 -> 192.168.45.1
rdr on igb0 inet proto tcp from any to 147.253.151.155 port = 40000 -> 192.168.44.1
rdr on igb1 inet proto tcp from any to 147.253.151.155 port = 40000 -> 192.168.44.1
rdr on igb2 inet proto tcp from any to 147.253.151.155 port = 40000 -> 192.168.44.1
rdr on igb1.14 inet proto tcp from any to 147.253.151.155 port = 40000 -> 192.168.44.1
rdr on openvpn inet proto tcp from any to 147.253.151.155 port = 40000 -> 192.168.44.1
rdr pass on igb1 inet proto tcp from any to 172.16.1.1 port = http -> 127.0.0.1 port 8081
rdr pass on igb2 inet proto tcp from any to 172.16.1.1 port = http -> 127.0.0.1 port 8081
rdr pass on igb1.14 inet proto tcp from any to 172.16.1.1 port = http -> 127.0.0.1 port 8081
rdr pass on openvpn inet proto tcp from any to 172.16.1.1 port = http -> 127.0.0.1 port 8081
rdr pass on igb1 inet proto tcp from any to 172.16.1.1 port = https -> 127.0.0.1 port 8443
rdr pass on igb2 inet proto tcp from any to 172.16.1.1 port = https -> 127.0.0.1 port 8443
rdr pass on igb1.14 inet proto tcp from any to 172.16.1.1 port = https -> 127.0.0.1 port 8443
rdr pass on openvpn inet proto tcp from any to 172.16.1.1 port = https -> 127.0.0.1 port 8443
rdr-anchor "miniupnpd" all

                                    Vendor: HP
                                    Version: P01 Ver. 02.50
                                    Release Date: Wed Jul 17 2024
                                    Boot Method: UEFI
                                    24.11-RELEASE (amd64)
                                    FreeBSD 15.0-CURRENT
                                    CPU Type: Intel(R) Core(TM) i5-7500 CPU @ 3.40GHz
                                    Current: 3606 MHz, Max: 3400 MHz
                                    4 CPUs : 1 package(s) x 4 core(s)

                                    P 1 Reply Last reply Reply Quote 0
                                    • P
                                      PiBa @manjotsc
                                      last edited by

                                      @manjotsc
                                      There are a few candidates in there that are forwarding https traffic from your public ip..:

                                      rdr on igb0 inet proto tcp from any to 147.253.151.155 port = https -> <PlayStation> round-robin
rdr on igb0 proto tcp from any to any port = https -> <PlayStation> round-robin
rdr on igb0 inet proto tcp from any to 147.253.151.155 port = https -> 192.168.40.3
                                      manjotscM 1 Reply Last reply Reply Quote 1
                                      • manjotscM
                                        manjotsc @PiBa
                                        last edited by manjotsc

                                        @PiBa Thanks, Port Situation is fixed now, but I am getting this error now, for my pfsense

                                        Annotation 2020-03-18 083133.jpg

                                        Annotation 2020-03-18 083250.jpg

                                        # Automaticaly generated, dont edit manually.
# Generated on: 2020-03-18 08:29
global
	maxconn			1000
	stats socket /tmp/haproxy.socket level admin 
	uid			80
	gid			80
	nbproc			1
	hard-stop-after		15m
	chroot				/tmp/haproxy_chroot
	daemon
	tune.ssl.default-dh-param	2048
	server-state-file /tmp/haproxy_server_state

listen HAProxyLocalStats
	bind 127.0.0.1:2200 name localstats
	mode http
	stats enable
	stats admin if TRUE
	stats show-legends
	stats uri /haproxy/haproxy_stats.php?haproxystats=1
	timeout client 5000
	timeout connect 5000
	timeout server 5000

frontend FrontEndProxy
	bind			147.253.151.155:443 name 147.253.151.155:443   ssl crt-list /var/etc/haproxy/FrontEndProxy.crt_list  
	mode			http
	log			global
	option			http-keep-alive
	timeout client		30000
	acl			auth	var(txn.txnhost) -m str -i auth.manjot.net
	acl			speed	var(txn.txnhost) -m str -i speed.manjot.net
	acl			pfsense	var(txn.txnhost) -m str -i pfsense.manjot.net
	acl			aclcrt_FrontEndProxy	var(txn.txnhost) -m reg -i ^([^\.]*)\.manjot\.net(:([0-9]){1,5})?$
	acl			aclcrt_FrontEndProxy	var(txn.txnhost) -m reg -i ^manjot\.net(:([0-9]){1,5})?$
	acl			aclcrt_FrontEndProxy	var(txn.txnhost) -m reg -i ^auth\.manjot\.net(:([0-9]){1,5})?$
	acl			aclcrt_FrontEndProxy	var(txn.txnhost) -m reg -i ^www\.auth\.manjot\.net(:([0-9]){1,5})?$
	acl			aclcrt_FrontEndProxy	var(txn.txnhost) -m reg -i ^speed\.manjot\.net(:([0-9]){1,5})?$
	acl			aclcrt_FrontEndProxy	var(txn.txnhost) -m reg -i ^ntopng\.manjot\.net(:([0-9]){1,5})?$
	acl			aclcrt_FrontEndProxy	var(txn.txnhost) -m reg -i ^pfsense\.manjot\.net(:([0-9]){1,5})?$
	http-request set-var(txn.txnhost) hdr(host)
	use_backend Auth_ipvANY  if  auth aclcrt_FrontEndProxy
	use_backend Speed_ipvANY  if  speed aclcrt_FrontEndProxy
	use_backend PfSense_ipvANY  if  pfsense aclcrt_FrontEndProxy

backend Auth_ipvANY
	mode			http
	id			102
	log			global
	timeout connect		30000
	timeout server		30000
	retries			3
	option			httpchk OPTIONS / 
	server			auth 192.168.40.73:443 id 103 ssl check inter 1000  verify none crt /var/etc/haproxy/server_clientcert_5d2d8e0f67246.pem 

backend Speed_ipvANY
	mode			http
	id			106
	log			global
	timeout connect		30000
	timeout server		30000
	retries			3
	option			httpchk OPTIONS / 
	server			speed 192.168.40.74:443 id 103 ssl check inter 1000  verify none crt /var/etc/haproxy/server_clientcert_5daf9c80e7570.pem 

backend PfSense_ipvANY
	mode			http
	id			104
	log			global
	timeout connect		30000
	timeout server		30000
	retries			3
	option			httpchk OPTIONS / 
	server			pfsense 192.168.40.1:4077 id 105 ssl check inter 1000  verify none crt /var/etc/haproxy/server_clientcert_5daf809d44c6d.pem

                                        Vendor: HP
                                        Version: P01 Ver. 02.50
                                        Release Date: Wed Jul 17 2024
                                        Boot Method: UEFI
                                        24.11-RELEASE (amd64)
                                        FreeBSD 15.0-CURRENT
                                        CPU Type: Intel(R) Core(TM) i5-7500 CPU @ 3.40GHz
                                        Current: 3606 MHz, Max: 3400 MHz
                                        4 CPUs : 1 package(s) x 4 core(s)

                                        P 1 Reply Last reply Reply Quote 0
                                        • P
                                          PiBa @manjotsc
                                          last edited by

                                          @manjotsc
                                          83ffb267-65ba-4330-9c42-b6c2f756a32e-image.png
                                          The 'not allowed' message usually tels that a wrong method was used in the request. In this case change the OPTIONS to HEAD. And it should become 'green'.

                                          manjotscM 1 Reply Last reply Reply Quote 1
                                          • manjotscM
                                            manjotsc @PiBa
                                            last edited by

                                            @PiBa Thank you very much, for all the support you provided.

                                            Vendor: HP
                                            Version: P01 Ver. 02.50
                                            Release Date: Wed Jul 17 2024
                                            Boot Method: UEFI
                                            24.11-RELEASE (amd64)
                                            FreeBSD 15.0-CURRENT
                                            CPU Type: Intel(R) Core(TM) i5-7500 CPU @ 3.40GHz
                                            Current: 3606 MHz, Max: 3400 MHz
                                            4 CPUs : 1 package(s) x 4 core(s)

                                            1 Reply Last reply Reply Quote 0
                                            • First post
                                              Last post
                                            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.