Is PF nat broken?
Matteo Riondato
rionda at gufi.org
Thu Oct 21 06:20:28 PDT 2004
I switched from PPP -nat + IPFW to PF for nat and packet filtering.
It seems to me that nat does not work with pf:
This are my rules in /etc/pf.conf :
ext_if = "tun0"
wifi_if = "rl0"
eth_if = "fxp1"
wifi_net = "192.168.1.0/27"
eth_net = "192.168.0.0/29"
[snip]
nat on $ext_if from $wifi_net to any -> ($ext_if)
nat on $ext_if from $eth_net to any -> ($ext_if)
[snip filtering rules]
In rc.conf I have
gateway_enable="YES"
ppp_enable="YES"
ppp_mode="ddial"
ppp_nat="NO"
ppp_profile="eth"
pf_enable="YES"
pf_rules="/etc/pf.conf"
[snip]
Please note that I'm using pf.ko, not in-kernel support.
There isn't a "nat enable yes" line in /etc/ppp/ppp.conf
Any help will be appreciated.
Best Regards
--
Rionda aka Matteo Riondato
GUFI Staff Member (http://www.gufi.org)
FreeSBIE Developer (http://www.freesbie.org)
BSD-FAQ-it Main Developer (http://utenti.gufi.org/~rionda)
Sent from: kaiser.sig11.org running FreeBSD-6.0-CURRENT
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 187 bytes
Desc: Questa parte del messaggio =?ISO-8859-1?Q?=E8?= firmata
Url : http://lists.freebsd.org/pipermail/freebsd-current/attachments/20041021/c002e299/attachment.bin
More information about the freebsd-current
mailing list