I'm currently using IPFW on 3 dedicated firewall servers, and I would like to convert them to PF for some of its functionalities, but I need divert to work. Specifically I am teeing packets to a custom application for network analysis purposes.
Is it (or something similar) supported in PF?
If I remember correctly: PF has a special interface for monitoring purposes (pflog). You might wanna consult the manpage for it.
No, in OpenBSD v4.6, PF has no divert-like feature.
But good news: divert for PF will be included in OpenBSD v4.7.
See http://www.mail-archive.com/[email protected]/msg11694.html for details. You could try it with OpenBSD-current branch / snapshots.
pf does have a command called 'divert-to' that is supposed to provide for local transparent routing. See the pf.conf man page for slightly more details. It appears to be simple but it doesn't seem to want to do what I want it to do: local capture and redirection to a local port of outbound traffic which is locally generated.
Other similar commands which I have tried, but to no avail, are: 'rdr', which instructs a packet to have a new destination, overwriting the old one... useful for destination NAT type applications; and 'route-to', which instructs a packet to pass through another location before arriving at its original destination... doesn't accept a port, useful for routers, not so much for proxies.