
Re: Is there an iptables SNAT equivalent in pf ?



On Wed, Dec 10, 2003 at 10:56:19PM +0100, Bo Jacobsen wrote:
> I'm new to BSD and am looking at OpenBSD as an option for our firewalls.
> On our present Linux boxes we use multiple nics (one external nic with multiple
> ip-addresses, and some internal ones) and I use the SNAT option in iptables a lot (every
> lan on each of the internal nics uses its "own" ip on the external nic, when communicating to
> the world).
> 
> I understand that an equivalent to the SNAT (in iptables) is not available in pf, forcing all traffic through
> an external nic to use the same source ip. Is this correct?

no, you can nat to a specific ip of course.

nat on $int_if from $some_network_1 to any -> 192.168.0.1
nat on $int_if from $some_network_2 to any -> 192.168.0.2

etc


-- 
http://2suck.net/hhwl.html - http://www.bsws.de/
Unix is very simple, but it takes a genius to understand the simplicity.
(Dennis Ritchie)