Melameth, Daniel D. wrote:
Tor Houghton wrote:
I have two IP addresses assigned to the external interface. I also
have two "internal" interfaces. Is it possible to NAT each internal
interface to a specific external IP address (without specifying the
external address, but the interface "description")?
I am using 3.8; and in my mind I thought I could perhaps use
something like
nat on $ext_if from ($int1_if) to any -> ($ext_if:0)
nat on $ext_if from ($int2_if) to any -> ($ext_if:1)
You can do something like $int_if:network, but the :1 keyword does not
exist and, thus, will need to specified.
It's generally better to do this with macros if you're statically
configured. That way you know that it's hardcoded and that macro is
generally useful elsewhere in pf.conf
ex: nat on $ext_if from ($int1_if:network) -> $EXTERNAL1
Even if it would be possible to do :1 :2 :3, there's lots and lots of
ways to get burned if you were to change the hostname.if file and
suddenly all your IPs are in a different order.
--
Joseph C. Bender
jcbender at bendorius dot com
