Hello,
I tried to parse (with pfctl -nvf) the rule
match on enc0 from 192.168.1.0/24 to 192.168.2.0/24 nat-to 10.10.10.1
and all I got was:
pf.tmp:1: nat-to and rdr-to require a direction
pf.tmp:1: skipping rule due to errors
pf.tmp:1: rule expands to no valid combination
So I guess what's missing is "out":
Index: src/sbin/iked/iked.conf.5
===================================================================
RCS file: /cvs/src/sbin/iked/iked.conf.5,v
retrieving revision 1.32
diff -u -p -r1.32 iked.conf.5
--- src/sbin/iked/iked.conf.5 6 May 2014 13:09:18 -0000
1.32 +++ src/sbin/iked/iked.conf.5 4 Aug 2014 12:40:05 -0000
@@ -718,7 +718,7 @@ a relevant NAT rule is required in
For the example above,
this would be:
.Bd -literal -offset indent
-match on enc0 from 192.168.1.0/24 to 192.168.2.0/24 nat-to 10.10.10.1
+match out on enc0 from 192.168.1.0/24 to 192.168.2.0/24 nat-to
10.10.10.1 .Ed
.Pp
From the peer's point of view,
--------------------------------------------------
I tried to parse (hostapd -dv -f) the example in hostapd.conf and I got:
hostapd.tmp:4: syntax error
invalid configuration in hostapd.tmp
bye!
So the patch is:
Index: hostapd.conf.5
===================================================================
RCS file: /cvs/src/usr.sbin/hostapd/hostapd.conf.5,v
retrieving revision 1.42
diff -u -p -r1.42 hostapd.conf.5
--- hostapd.conf.5 3 Sep 2013 20:44:01 -0000 1.42
+++ hostapd.conf.5 5 Aug 2014 10:51:56 -0000
@@ -798,8 +798,8 @@ For example:
.Bd -literal -offset indent
# Assign IP addresses to layer 2 addresses
table <clients> {
- 00:02:6f:42:d0:01 -> 172.23.5.1/30
- 00:05:4e:45:d3:b8 -> 172.23.5.4/30
+ 00:02:6f:42:d0:01 -> 172.23.5.1/30,
+ 00:05:4e:45:d3:b8 -> 172.23.5.4/30,
00:04:2e:12:03:e0 -> 172.23.5.8/30
}
Cheers,
--
Vigdis
