[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Is there an iptables SNAT equivalent in pf ?
- To: misc_(_at_)_openbsd_(_dot_)_org
- Subject: Re: Is there an iptables SNAT equivalent in pf ?
- From: Henning Brauer <lists-openbsd_(_at_)_bsws_(_dot_)_de>
- Date: Wed, 10 Dec 2003 23:16:01 +0100
- Mail-followup-to: misc_(_at_)_openbsd_(_dot_)_org
On Wed, Dec 10, 2003 at 10:56:19PM +0100, Bo Jacobsen wrote:
> I'm new to BSD and is looking at OpenBSD as an option for our firewalls.
> On our present Linux boxes we use multiple nics (one external nic with multiple
> ip-addresses, and some internal ones) and I use the SNAT option in iptables a lot (every
> lan on each of the internal nics uses it's "own" ip on the external nic, when communication to
> the world.
> I understand that an equivalent to the SNAT (in iptables) is not avaliable in if, forcing all traffic through
> an external nic use the same source ip. Is this correct ?.
no, you can nat to a specific ip of course.
nat on $int_if from $some_network_1 to any -> 192.168.0.1
nat on $int_if from $some_network_2 to any -> 192.168.0.2
http://2suck.net/hhwl.html - http://www.bsws.de/
Unix is very simple, but it takes a genius to understand the simplicity.