2

I was trying to set up a PF redirect rule to force all web traffic from a specific user account to go through a web filter on a shared computer.

With iptables, I can use the --uid-owner option to limit the applicability of the rule to a certain user, like below:

iptables -t nat -A OUTPUT -p tcp -m owner ! --uid-owner bob --dport 80 -j REDIRECT --to-port 8080

However, I cannot figure out how to achieve the same goal with PF's rdr rule. I tried something like below but got a syntax error when loading the rules with pfctl.

rdr inet proto tcp from any to any port www user bob -> 127.0.0.1 port 8080
victorx

1 Answer

0

As far as I can tell, there is no such feature in the FreeBSD version of pf. Maybe the OpenBSD people have something implemented on that level?

Daywalker