--On 20 June 2005 16:23 -0700, Michael Favinsky wrote:
I was reading through the pf documentation and found the following example of NATing several internal IP addresses to two external IP addresses: nat on $ext_if inet from any to any -> 192.0.2.4/31 source-hash Let's say the external IP address of my firewall is 192.0.2.1. Do I need to configure proxy ARP entries on my external interface for 192.0.2.4 and 192.0.2.5, or is this something pf takes care of automagically?
Typically you use ifconfig aliases for this, see hostname.if(5) and/or fconfig(8). I don't think there's a reason for proxy-arp to not work for the nat, though things like antispoof rules do expect you to use aliases.
