PF NAt
Andrey V. Semyonov
wilfre at mail.ru
Sat Apr 28 05:32:22 UTC 2007
> /etc/pf.conf
>
> exter_if = "vr0"
^^^
> nat on $exter_if from $inter_if to any -> $exter_if
^^^^^^^^^
Now look at man page about nat/rdr rule syntax:
nat-rule = [ "no" ] "nat" [ "pass" ] [ "on" ifspec ] [ af ]
[ protospec ] hosts [ "tag" string ] [ "tagged"
string ]
[ "->" ( redirhost | "{" redirhost-list "}" )
[ portspec ] [ pooltype ] [ "static-port" ] ]
Grammar says, that after the "->" keyword there should be specified
_host(s)_. So, if you want to use a macro, pointing to your interface
_name_, there's a technique to translate it to it's primary or any
aliased IP:
($macro)
Your line should look like this:
nat on $exter_if from $inter_if to any -> ($exter_if)
More information about the freebsd-questions
mailing list