I don't know if it is possible, but I added a PASS statement to the rule
and the rule now looks like:
nat pass on vr0 inet from 192.168.1.0/24 to any -> 1.2.3.4

Please comment on that (is it necessary or what?). Thanks.

And thank you all for reading.

On 5/26/06, Alexander Belikov <[EMAIL PROTECTED]> wrote:
T> I have an OpenBSD box (3.9). I need to make this box a router. I have
T> two network cards. One internal, and the other external. The external card has
T> its own IP address, let's say 1.2.3.4 (static). The internal card also
T> has its own static IP - 192.168.1.1 with a DHCP server running on it.
T> So I need nat to reach the internet.

T> pf is enabled and running, ip forwarding is also enabled:
T> net.inet.ip.forwarding=1

T> here are pf rules:

T> pfctl -s nat
T> nat on vr0 inet from 192.168.1.0/24 to any -> 1.2.3.4

It's not enough. You'd better add the full pf.conf and ifconfig output
for all interfaces.

T> While NAT is not working, I've these rules.

NAT is working, settings are wrong

T> pfctl -s rules
T> scrub in on vr0 all fragment reassemble
T> scrub in on vr1 all fragment reassemble
T> scrub out on vr0 all fragment reassemble
T> scrub out on vr1 all fragment reassemble
T> pass in log all
T> pass out log all

--
Best regards,
 Alexander                            mailto:[EMAIL PROTECTED]




--
Tautvydas
Don't get on my nerves!
I've already run out of places to hide the bodies!
