bidirectional NAT in PF?
secucatcher at free.fr
secucatcher at free.fr
Sat Sep 6 19:41:58 UTC 2008
> Is this true, that PF supports bidirectional NAT? That is, NAT of
> both the source and the destination IP in a connection, at the same
> time?
>
> I had attempted this in the past but I could not find a rule syntax
> that would accomplish it. Looking at the above, it appears that this
> may be possible because PF processes the rulebase twice for forwarded
> traffic; once on input, and again on output. If the inbound packet
> matched a "rdr" rule, and the outbound matched a "nat" rule, this
> would accomplish bidirectional NAT?
>
> Interesting technique, if it works.
"binat" was not working for u ?
binat on $ifext from private-ip to any -> public-ip
More information about the freebsd-pf
mailing list