On Sep 2, 2008, at 10:08 AM, Stefan Sczekalla wrote:
I'm somewhat uncertain on how NAT behaves especially on nearly
concurrent rules.
e.g.
assumption: ( ext_if has two addresse e.g. 82.100.200.1 and and ALIAS
82.100.200.2 )
nat pass on $ext_if form $internal_networks to 192.168.47.11 ->
82.100.200.1
nat pass on $ext_if form $internal_networks to any -> ( $ext_if )
that should work. you may want to fix the typo though.
( how ) Can I bee sure that 192.168.47.11 will always be conncted from
82.100.200.1 ?
Could you clear that question up?
http://cvs.openbsd.org/faq/pf/pools.html#nat
will PF behave differently when the oder of the rules is vice-versa ?
Likely not, give the rules you have. You'd have to force 82.100.200.1
to use the aliased IP to change the behavior.
Your best bet is to test and find out.
