From 15d5c73b5bbb960016f105e55cd56be157fc6acd Mon Sep 17 00:00:00 2001
From: Tom Alexander
Date: Wed, 26 Apr 2023 19:37:02 -0400
Subject: [PATCH] Add commented out jaeger config because it is not working.

---
 ansible/roles/firewall/files/odofreebsd_pf.conf | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/ansible/roles/firewall/files/odofreebsd_pf.conf b/ansible/roles/firewall/files/odofreebsd_pf.conf
index 95897f9..516cf16 100644
--- a/ansible/roles/firewall/files/odofreebsd_pf.conf
+++ b/ansible/roles/firewall/files/odofreebsd_pf.conf
@@ -19,6 +19,10 @@ set skip on lo
 nat pass on $ext_if inet from $jail_nat_v4 to $not_jail_nat_v4 -> (wlan0)
 rdr pass on $not_ext_if proto {tcp, udp} from any to 10.215.1.1 port 53 -> 1.1.1.1 port 53
 
+# Redirect jaeger ports to virtual machine.
+# nat pass on lo inet from 127.0.0.0/24 to 127.0.0.0/24 port {6831 6832 16686 14268} -> (jail_nat)
+# rdr pass proto {tcp, udp} from jail_nat:network to 127.0.0.0/24 port {6831 6832 16686 14268} -> 10.215.1.201
+
 # filtering
 block log all
 pass out on $ext_if
@@ -31,7 +35,7 @@ pass out on jail_nat from jail_nat
 # them because changes to pass rules will update when running a
 # `service pf reload` but interfaces that we `skip` will not update (I
 # forget if its from adding, removing, or both. TODO: test to figure
-# it out)
+# it out). Also skipped interfaces are not subject to nat/rdr rules.
 pass quick on $allow
 
 pass on $ext_if proto icmp all
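Review bot: The commented-out `rdr pass` line in the first hunk would, if someone later uncomments it, let the redirected traffic bypass the `block log all` filter section. It also names no interface and opens all four ports on both protocols via `proto {tcp, udp}`. Jaeger's 6831/6832 are UDP agent ports and 16686/14268 are TCP (UI and collector HTTP), which as far as I know have no built-in authentication. A safer form to leave in the comment is two `rdr on <iface>` rules split by protocol without the `pass` keyword, paired with an explicit `pass` rule scoped to `jail_nat:network`. The comment also does not say why the rules are disabled. The hunk header shows `set skip on lo` and the second hunk notes that skipped interfaces are not subject to nat/rdr, so that is presumably the cause; I would add `# Disabled: lo is skipped (set skip on lo), so pf never applies nat/rdr on it.` next to the rules.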