[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Is there an iptables SNAT equivalent in pf ?

To: misc_(_at_)_openbsd_(_dot_)_org
Subject: Re: Is there an iptables SNAT equivalent in pf ?
From: Richard Welty <rwelty_(_at_)_averillpark_(_dot_)_net>
Date: Wed, 10 Dec 2003 17:10:02 -0500 (EST)
Organization: Averill Park Networking
Reply-to: <misc_(_at_)_openbsd_(_dot_)_org>

On Wed, 10 Dec 2003 22:56:19 +0100 Bo Jacobsen <subs_(_at_)_systemhouse_(_dot_)_dk> wrote:

> I'm new to BSD and is looking at OpenBSD as an option for our firewalls.
> On our present Linux boxes we use multiple nics (one external nic with multiple
> ip-addresses, and some internal ones) and I use the SNAT option in iptables a lot (every
> lan on each of the internal nics uses it's "own" ip on the external nic, when communication to
> the world.

> I understand that an equivalent to the SNAT (in iptables) is not avaliable in if, forcing all traffic through
> an external nic use the same source ip. Is this correct ?.

no.

others will no doubt flame you mercilessly for not having found this
in the very useful OpenBSD FAQ:

  http://www.openbsd.org/faq/pf/nat.html

richard
-- 
Richard Welty                                         rwelty_(_at_)_averillpark_(_dot_)_net
Averill Park Networking                                         518-573-7592
    Java, PHP, PostgreSQL, Unix, Linux, IP Network Engineering, Security

References:
- pf weirdness
  - From: B vd Zon

Prev by Date: Re: Is there an iptables SNAT equivalent in pf ?
Next by Date: Re: group permission weirdness
Previous by thread: Re: Is there an iptables SNAT equivalent in pf ?
Next by thread: cornerstone monitors
Index(es):
- Date
- Thread

Visit your host, monkey.org