On Tue, 27 Oct 2009 06:51:26 -0700 (PDT) Dánielisz László <[email protected]> wrote:
> Let's say I have two NICs in my PC: ext_if (for wan/pppoe connection) and
> int_if for my LAN.
> How would you manage to get work NAT with pf using PPPoE from my ISP
As a start your pf.conf could look a bit like this:
#####
ext_if = "tun0"
int_if = "em1"
localnet = $int_if:network
set block-policy return
set skip on lo0
scrub in all
nat on $ext_if from $localnet to any -> ($ext_if)
antispoof for ($ext_if)
antispoof for $int_if
block in log all
pass inet from { lo0, $localnet } to any
pass out on $ext_if all
#####
Andreas
--
GnuPG key : 0x2A573565 | http://www.gnupg.org/howtos/de/
Fingerprint: 925D 2089 0BF9 8DE5 9166 33BB F0FD CD37 2A57 3565
pgpxqmJCP5t4d.pgp
Description: PGP signature
