Hello there, We have two seperate datacentres, one using 172.16.1.0/24 and the other using 172.16.2.0/24. In front of both are NAT'ing OpenBSD firewalls, using something like:
nat on $ext_if from <prv_net> -> ($ext_if:0) (Where prv_net contains the netblock of that datacentre). Now, I would like that NAT to be conditional on the destination address, such that if a packet from datacentre a (172.16.1.12) was heading to datacentre b (172.16.2.16), then it wouldn't get NAT'ed. Is that possible? How would I do that? Thanks -- joe. Excuse me? Is that your samosa?
