Misc Users;
I'm having NAT problems; could someone examine my pf file and make some
recommendations?
(Yes, NAT is well documented. I'm not here because of issues with clarity.)
Thanks;
Bray.
PS: My pf.conf file
#Macros
# 192.168.0.1 subnet
ext_ip="64.142.102.8"
int_ip="192.168.0.1"
int_block="192.168.0.0/24"
#DMZ subnet
#Interface
dmz_ip="192.168.1.1"
#DNS 1
scarlett="192.168.1.2"
pub_scarlett="64.142.102.9"
#DNS 2
shelly="192.168.1.3"
pub_shelly="64.142.102.10"
#WWW 1
www_ip="192.168.1.4"
pub_www="64.142.102.11"
#Normalizing
#scrub in all
table <natclients> { $int_ip, !$scarlett, !$shelly, !$www_ip }
#NAT and Binat
nat on rl0 from $int_block to any -> $ext_ip
nat on rl0 from $scarlett to any -> $pub_scarlett
nat on rl0 from $shelly to any -> $pub_shelly
nat on rl0 from $www_ip to any -> $pub_www
#Default block policy
#block all
#Anti-spoofing
#block in quick from urpf-failed
#Traffic passing through
pass in all
#pass out all
#External interfaces
#pass in on rl0 inet proto { tcp, udp } all modulate state
pass out on rl0 proto { tcp, udp, icmp } all modulate state