PPPoE client+pf+nat
Andreas Rudisch
cyb. at gmx.net
Tue Oct 27 14:36:05 UTC 2009
On Tue, 27 Oct 2009 06:51:26 -0700 (PDT)
Dánielisz László <laszlo_danielisz at yahoo.com> wrote:
> Let's say I have two NICs in my PC: ext_if (for wan/pppoe connection) and int_if for my LAN.
> How would you manage to get work NAT with pf using PPPoE from my ISP
As a start your pf.conf could look a bit like this:
#####
ext_if = "tun0"
int_if = "em1"
localnet = $int_if:network
set block-policy return
set skip on lo0
scrub in all
nat on $ext_if from $localnet to any -> ($ext_if)
antispoof for ($ext_if)
antispoof for $int_if
block in log all
pass inet from { lo0, $localnet } to any
pass out on $ext_if all
#####
Andreas
--
GnuPG key : 0x2A573565 | http://www.gnupg.org/howtos/de/
Fingerprint: 925D 2089 0BF9 8DE5 9166 33BB F0FD CD37 2A57 3565
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 196 bytes
Desc: not available
Url : http://lists.freebsd.org/pipermail/freebsd-questions/attachments/20091027/a240f47d/attachment.pgp
More information about the freebsd-questions
mailing list