-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 [EMAIL PROTECTED] <[EMAIL PROTECTED]> wrote: > > > Is this true, that PF supports bidirectional NAT? That is, NAT of > > both the source and the destination IP in a connection, at the same > > time? > > "binat" was not working for u ? > binat on $ifext from private-ip to any -> public-ip
I think I am using the wrong terminology. I should probably call it "double NAT" to differentiate it. "binat" works fine but it still only changes ONE of the IP's being translated (the source IP). In PF, you can use "nat" to translate the source IP, and "redir" to change the dest IP, but what if you want to change both? There is no direct way to do this, so I am wondering if two different rules could be matched at different times during the packet's transit through the gateway. - -- David DeSimone == Network Admin == [EMAIL PROTECTED] "I don't like spinach, and I'm glad I don't, because if I liked it I'd eat it, and I just hate it." -- Clarence Darrow -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.1 (GNU/Linux) iD8DBQFIwwSnFSrKRjX5eCoRAsVtAJ97T8ALAm7SnrAx362biLvFNK+4zwCfRblb l1wrXShJas2NfmKJYXpz/iE= =RNSP -----END PGP SIGNATURE----- This email message is intended for the use of the person to whom it has been sent, and may contain information that is confidential or legally protected. If you are not the intended recipient or have received this message in error, you are not authorized to copy, distribute, or otherwise use this message or its attachments. Please notify the sender immediately by return e-mail and permanently delete this message and any attachments. Verio, Inc. makes no warranty that this email is error or virus free. Thank you. _______________________________________________ freebsd-pf@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-pf To unsubscribe, send any mail to "[EMAIL PROTECTED]"
