On Wed, Nov 26, 2008 at 12:52:47PM -0600, Patric wrote:
> ext_if = "xl2"
> int_if = "xl1"
> localnet = $int_if:network
> nat on $ext_if from $localnet to any -> ($ext_if)
> pass from { lo0, $localnet } to any keep state
> __________________________
>
> this is pretty much the most basic natting pf.conf described in "The
> Book of PF" and I can't pass any traffic through it at all, pftop shows
> nothing, and I am starting to doubt my sanity, any help is greatly
> appreciated.
Translation occurs before filtering, so outgoing packets will have
$ext_if as source on the external interface (not $localnet), hence
your pass rule is not matching.
Daniel
