Re: can't get binat working

2010-01-12 Thread Shohrukh Shoyoqubov
>> Do I need to set an alias IP (the mapped IP) for binat to work? >> >> > > Technically not, you just need 'some way' to get other hosts to send > you traffic for that address. Could be proxy arp, could be route table > entries (static or routing protocols), but in practice adding an > alias IP is

Re: can't get binat working

2010-01-12 Thread Stuart Henderson
On 2010-01-12, Shohrukh Shoyoqubov wrote: > On 1/12/2010 4:01 PM, Shohrukh Shoyoqubov wrote: >> On Tue, Jan 12, 2010 at 2:25 PM, Laurent CARON >> wrote: >> >>> On 12/01/2010 07:19, Shohrukh Shoyoqubov wrote: >>> I want all traffic to 192.168.0.253 to be forwarded to 192.168.2.2. I

Re: can't get binat working

2010-01-12 Thread Shohrukh Shoyoqubov
On 1/12/2010 9:03 PM, Jim Razmus wrote: * Shohrukh Shoyoqubov [100112 01:35]: Hello, I am new to pf and I am trying to do binat but it is not working for some reason. fxp1 is the interface on subnet 192.168.0.0/24 vr0 is the interface on subnet 192.168.2.0/24 Here is my pf.conf #left fr

Re: can't get binat working

2010-01-12 Thread Shohrukh Shoyoqubov
On 1/12/2010 4:01 PM, Shohrukh Shoyoqubov wrote: On Tue, Jan 12, 2010 at 2:25 PM, Laurent CARON wrote: On 12/01/2010 07:19, Shohrukh Shoyoqubov wrote: I want all traffic to 192.168.0.253 to be forwarded to 192.168.2.2. I assume that should make 192.168.0.253 visible in 192.168.0.0/24

Re: can't get binat working

2010-01-12 Thread Shohrukh Shoyoqubov
On 1/12/2010 7:02 PM, Wade, Daniel wrote: Do you have net.inet.ip.forwarding=1 set? Yes. The machine actually acts as a router for some other networks. It has more interfaces in fact. I just showed the ones involved in binat.

Re: can't get binat working

2010-01-12 Thread Shohrukh Shoyoqubov
On Tue, Jan 12, 2010 at 2:25 PM, Laurent CARON wrote: > On 12/01/2010 07:19, Shohrukh Shoyoqubov wrote: >> >> I want all traffic to 192.168.0.253 to be forwarded to 192.168.2.2. I >> assume that should make 192.168.0.253 visible in 192.168.0.0/24 >> subnet, but it is not. I can't reach it from 192

Re: can't get binat working

2010-01-12 Thread Laurent CARON
On 12/01/2010 07:19, Shohrukh Shoyoqubov wrote: I want all traffic to 192.168.0.253 to be forwarded to 192.168.2.2. I assume that should make 192.168.0.253 visible in 192.168.0.0/24 subnet, but it is not. I can't reach it from 192.168.0.0/24 subnet. I am just testing with this lab config and late

can't get binat working

2010-01-11 Thread Shohrukh Shoyoqubov
Hello, I am new to pf and I am trying to do binat but it is not working for some reason. fxp1 is the interface on subnet 192.168.0.0/24 vr0 is the interface on subnet 192.168.2.0/24 Here is my pf.conf #left from the original pf.conf set skip on lo pass# to establish keep-state block