Newbie
Gergely CZUCZY
phoemix at harmless.hu
Fri Aug 25 15:11:36 UTC 2006
On Fri, Aug 25, 2006 at 12:01:26PM -0300, Bruno Bandeira wrote:
> Hey Guys,
>
> I am newbie in pf world, so i need to put my network to access internet ....
>
> My gateway is a freebsd machine, and i have a few questions... PS: I have
> read the manual =)
also read this: http://www.openbsd.org/faq/pf/
> I need to nat my network.How can i do this? I try this..
>
> nat on $ext_if from $rede to any -> ($ext_if)
let's parse this:
+nat: this means, you will perform a NAT action, Network Address Translation
+on $ext_if: on those packets which arrive on your $ext_if to your machine
+from $rede: from the source of $rede (it's usually a CIDR)
+to any: they go to anywhere, aka 0/0
+-> ($ext_if): after translation they will have the address of the interface $ext_if
hint: check the "on" part of the rule
> My default policy is:
>
> block in all
>
> And the statefull spection
>
> pass out keep state
that looks good. also read the faq, there are examples for this IIRC.
Bye,
Gergely Czuczy
mailto: gergely.czuczy at harmless.hu
PGP: http://phoemix.harmless.hu/phoemix.pgp
Weenies test. Geniuses solve problems that arise.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
Url : http://lists.freebsd.org/pipermail/freebsd-pf/attachments/20060825/a4a8ae7b/attachment.pgp
More information about the freebsd-pf
mailing list