I read the rules on "no nat" and thought I had it configured correctly.
But then neither machines can see out
(internet)---($WAN - firewall)---($LAN - test machine 1 on 192.168.0.10)
|
($DMZ - test machine 2 on 10.0.0.10)
########################
# Interface Settings #
########################
WAN = "xl0"
LAN = "xl1"
DMZ = "xl2"
###############
# Nat Rules #
###############
no nat on $WAN from $LAN to $DMZ
no nat on $WAN from $DMZ to $LAN
nat on $WAN inet from $LAN to any -> ($WAN)
nat on $WAN inet from $DMZ to any -> ($WAN)
--Bryan
On Wed, 2003-03-19 at 14:16, Srebrenko Sehic wrote:
> On Wed, Mar 19, 2003 at 02:15:10PM -0800, Bryan Irvine wrote:
>
> > So would I need to turn on RIP at all? Or would it just "know" because
> > it's a directly connected interface?
>
> Sure, if those 2 interfaces are directly connected, then pf(4) can
> filter/route traffic (and do translation) without problems. No need for
> rip.
>
