
Pf rules



I have to build a firewall/router; all the boxes on the internal network are
to be addressed 192.168.0.x/24. Our ISP has given us a /28 network so that
we can set up multiple DNS/Email servers. As all the computers are to be
addressed with a private IP, we need to NAT a public IP address to certain
computers so they are visible to the outside world and also the private IPs
(without having to route).

Could someone show me how this is done with PF rules please?

Here is a simple diagram of the layout:

   +--------+
   | modem  |  81.x.x.x.161
   | router |  81.x.x.x/28
   +--------+
       |
       |
       |
       |
  +---------+
  | openbsd | 81.x.x.162/28 
  +---------+
       |
       |
       |
-----------------

box 1 192.168.0.10 using 81.x.x.163

As the modem is routing (and there seems to be no way to change this), the
OpenBSD box has to bridge and NAT at the same time, is this right?


