hi everybody,
my work now is to change a linux firewall with iptables to freebsd/pf/carp
i migrate 6500 lines of iptables with no problem in ten day
there is 400 servers to filter and maybe more in the new datacenter (1400/1700)
the firewall do nat !
they have something like this:
iptables -t n
sorry for the disturbing time
i find:
rdr on $if_ext proto tcp from $int_net to port 80 -> \
nat on $if_int inet from to any ->
i nat on the internal interface and it is just working
___
freebsd-pf@freebsd.org mailing list
http://lists.freebsd.
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
[EMAIL PROTECTED] <[EMAIL PROTECTED]> wrote:
>
> sorry for the disturbing time
> i find:
> rdr on $if_ext proto tcp from $int_net to port 80 -> \
>
>
> nat on $if_int inet from to any ->
>
> i nat on the internal interface and it is just wor
> Is this true, that PF supports bidirectional NAT? That is, NAT of
> both the source and the destination IP in a connection, at the same
> time?
>
> I had attempted this in the past but I could not find a rule syntax
> that would accomplish it. Looking at the above, it appears that this
> may
Le Sat, 6 Sep 2008 14:14:04 -0500
"David DeSimone" <[EMAIL PROTECTED]> a pris sa plume:
> rdr on $if_ext proto tcp from $int_net to port 80 -> \
> >
> >
> > nat on $if_int inet from to any ->
> >
> > i nat on the internal interface and it is just working
to be more clear the priv ip a
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
[EMAIL PROTECTED] <[EMAIL PROTECTED]> wrote:
>
> > Is this true, that PF supports bidirectional NAT? That is, NAT of
> > both the source and the destination IP in a connection, at the same
> > time?
>
> "binat" was not working for u ?
> binat on $ife
