On Mon, 4 Nov 2013 16:05:38 +0100
Marc Sontowski <marc@xxxxxxxxxxxxx> wrote:

> # Pass all traffic to and from the local network, using quick so that later
> # rules are not evaluated if a packet match this. Some rulesets would restrict
> # local traffic much further
> pass quick on $int_if all

As the comment says, the quick keyword keeps later rules from being evaluated if a packet matches this. Try to add:

> pass in quick on $ext_if proto tcp from 192.168.2.0/24 to port www divert-to 127.0.0.1 port 3128

above the line that passes all quick on $int_if.

-- 
Marko Cupać
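
The ordering effect described in this message, as an added example that is not part of the original post: a toy Python model of pf's evaluation, where the last matching rule wins and a matching `quick` rule stops evaluation. The `Rule` fields, the interface name `if0` and the packet are constructed, and both rules are assumed to apply to the interface the packet arrives on.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import Optional, Tuple

@dataclass(frozen=True)
class Rule:
    """Simplified pf pass rule; field names are hypothetical, not pf's own."""
    text: str
    iface: str
    quick: bool = False
    direction: Optional[str] = None          # "in", "out", or None for both
    proto: Optional[str] = None              # None means any protocol
    src: Optional[str] = None                # CIDR, None means any source
    dport: Optional[int] = None              # None means any port
    divert_to: Optional[Tuple[str, int]] = None

    def matches(self, pkt: dict) -> bool:
        return (self.iface == pkt["iface"]
                and self.direction in (None, pkt["dir"])
                and self.proto in (None, pkt["proto"])
                and (self.src is None
                     or ip_address(pkt["src"]) in ip_network(self.src))
                and self.dport in (None, pkt["dport"]))

def evaluate(rules, pkt) -> Optional[Rule]:
    """Last matching rule wins, except that a matching quick rule ends evaluation."""
    winner = None
    for rule in rules:
        if rule.matches(pkt):
            winner = rule
            if rule.quick:
                break
    return winner

# Assumption: both rules sit on the interface the packet arrives on ("if0").
PASS_ALL = Rule("pass quick on if0 all", iface="if0", quick=True)
DIVERT = Rule("pass in quick on if0 proto tcp from 192.168.2.0/24 to port www "
              "divert-to 127.0.0.1 port 3128", iface="if0", quick=True,
              direction="in", proto="tcp", src="192.168.2.0/24", dport=80,
              divert_to=("127.0.0.1", 3128))
# Constructed packet: a LAN client opening an HTTP connection.
PKT = {"iface": "if0", "dir": "in", "proto": "tcp",
       "src": "192.168.2.10", "dport": 80}

if __name__ == "__main__":
    for order in ([PASS_ALL, DIVERT], [DIVERT, PASS_ALL]):
        hit = evaluate(order, PKT)
        print(f"{hit.text!r} decides; divert_to={hit.divert_to}")
```

With the catch-all quick rule first, the packet is passed without a divert target; with the divert rule first, it is handed to 127.0.0.1 port 3128.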