pf or ipfw for NAT
Frank Leonhardt
frank2 at fjl.co.uk
Fri Apr 2 20:36:09 UTC 2021
On 02/04/2021 21:03, Steve O'Hara-Smith wrote:
> On Fri, 2 Apr 2021 20:17:58 +0100
> Frank Leonhardt <freebsd-doc at fjl.co.uk> wrote:
>
>> For longer than I care to remember (FreeBSD 2) I've implemented a
>> physical asymmetric nat gateway using natd and ipfw. I just do what the
>> user guide says and it works.
> Yes it does and that's fine.
>
>> Am I using ipfw/natd for historical reasons? Can I do the same with pf?
> Yes you can the relevant line in my pf.conf is:
>
> nat on $ext_if inet from !($ext_if) -> ($ext_if:0)
Thanks Steve. Any idea whether I need to enable the gateway when using
pf instead?
e.g. sysctl net.inet.ip.forwarding=1
Thanks, Frank.
More information about the freebsd-questions
mailing list