Scenario:

int_if with two IP addresses in two different LANs (192.168.20.254,
192.168.21.254).
More aliases on the external interfaces.

NAT rules: every 10 internal IPs use an external address for the NAT.

Everything works fine, except for the second internal IP address. IPs
from 192.168.21.0/24 are natted with the rules of net 192.168.20.0/24.

Machines on the internal LAN use .20.254 or .21.254 as a gateway.
P.S.
Both of them work, but the second ones use the wrong NAT.

# uname -mprs
OpenBSD 4.4 amd64 Intel(R) Xeon(R) CPU 5110 @ 1.60GHz

# pfctl -vsr
pass in log quick on bnx1 inet from 192.168.20.0/24 to any flags S/SA keep state
  [ Evaluations: 61921     Packets: 370618    Bytes: 216808002   States: 4230  ]
  [ Inserted: uid 0 pid 12418 State Creations: 23774 ]
pass in log quick on bnx1 inet from 192.168.21.0/24 to any flags S/SA keep state
  [ Evaluations: 628       Packets: 13136     Bytes: 10432453    States: 117   ]
  [ Inserted: uid 0 pid 12418 State Creations: 202   ]

# pfctl -vvsn | grep -A2 -e '@0' -e '@24' -e '@25'
@0 nat on bnx0 inet from 192.168.20.1 - 192.168.20.10 to any -> xxx.xxx.xxx.1
  [ Evaluations: 34016     Packets: 57999     Bytes: 23576755    States: 803   ]
  [ Inserted: uid 0 pid 12418 State Creations: 5402  ]
@24 nat on bnx0 inet from 192.168.20.241 - 192.168.20.254 to any -> xxx.xxx.xxx.25
  [ Evaluations: 1079      Packets: 3353      Bytes: 1489982     States: 79    ]
  [ Inserted: uid 0 pid 12418 State Creations: 179   ]
@25 nat on bnx0 inet from 192.168.21.1 - 192.168.21.10 to any -> xxx.xxx.xxx.26
  [ Evaluations: 793       Packets: 0         Bytes: 0           States: 0     ]
  [ Inserted: uid 0 pid 12418 State Creations: 0     ]


-- 
Cris, member of G.U.F.I
Italian FreeBSD User Group
http://www.gufi.org/
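
Added example, not part of the original post: a small parser for the `pfctl -vvsn` counter output shown above that lists NAT rules pf evaluated but which never created a state, as rule @25 does in the post. The sample text is constructed from the post's output with documentation-range placeholders for the masked external addresses; the function names are this example's own.

```python
import re

# Constructed sample in the shape of the `pfctl -vvsn` output in the post;
# external addresses are documentation placeholders (203.0.113.0/24).
SAMPLE = """\
@0 nat on bnx0 inet from 192.168.20.1 - 192.168.20.10 to any -> 203.0.113.1
  [ Evaluations: 34016     Packets: 57999     Bytes: 23576755    States: 803   ]
  [ Inserted: uid 0 pid 12418 State Creations: 5402  ]
@24 nat on bnx0 inet from 192.168.20.241 - 192.168.20.254 to any ->
203.0.113.25
  [ Evaluations: 1079      Packets: 3353      Bytes: 1489982     States: 79    ]
  [ Inserted: uid 0 pid 12418 State Creations: 179   ]
@25 nat on bnx0 inet from 192.168.21.1 - 192.168.21.10 to any -> 203.0.113.26
  [ Evaluations: 793       Packets: 0         Bytes: 0           States: 0     ]
  [ Inserted: uid 0 pid 12418 State Creations: 0     ]
"""

RULE = re.compile(r"^@(\d+)\s+(.*)$")
COUNTER = re.compile(r"(Evaluations|Packets|Bytes|States|State Creations):\s+(\d+)")


def parse_rules(text):
    """Return a list of dicts: rule number, rule text, and integer counters."""
    rules = []
    for line in text.splitlines():
        stripped = line.strip()
        m = RULE.match(stripped)
        if m:
            rules.append({"num": int(m.group(1)), "rule": m.group(2), "counters": {}})
        elif stripped.startswith("[") and rules:
            for key, val in COUNTER.findall(stripped):
                rules[-1]["counters"][key] = int(val)
        elif stripped and rules:
            # Rule text wrapped onto the next line (as in a pasted mail): rejoin it.
            rules[-1]["rule"] += " " + stripped
    return rules


def never_matched(rules):
    """Rules pf evaluated at least once but that never created a state."""
    return [r for r in rules
            if r["counters"].get("Evaluations", 0) > 0
            and r["counters"].get("State Creations", 0) == 0]


if __name__ == "__main__":
    for r in never_matched(parse_rules(SAMPLE)):
        print(f"@{r['num']} evaluated {r['counters']['Evaluations']}x, no states: {r['rule']}")
```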
