On Fri, 2004-09-10 at 00:02, Miles Keaton wrote:
> All the PF examples and even Jacek's book seem to assume you want to
> do NAT : the small-office setup : the one public IP and many
> 192.168.0.__ IPs inside.
>
> But how would PF be used as a router with many incoming IP addresses
> and many receiving IP addresses?
>
> Say I have incoming: from 123.45.67.80 to 123.45.67.89 on a T1 connection.
>
> One OpenBSD/PF machine is receiving that input on a single NIC card,
> and wants to send out some traffic on another NIC card connected to a
> switch like this:
>
> incoming 123.45.67.81 allow port 22,80,443 to go to internal 123.45.67.81
> incoming 123.45.67.82 allow port 22 to go to internal 123.45.67.82
> incoming 123.45.67.83 allow port 22,25,110 to go to internal 123.45.67.83
>
> Can PF do this kind of filter-and-route without doing NAT?
> If so, any URLs of examples? I can only find examples with NAT.
>
> Thanks!

I'm probably totally missing the point of your post, but here goes:

read all that same info and ignore the nat, rdr, and binat statements.
pf's filtering does not rely on nat in any way, shape or form.

-j

=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~
We don't smoke and we don't chew, and we don't go with girls that do.
-- Walter Summers
=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~
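
The reply's point, filtering routed traffic with no translation rules at all, sketched as a pf.conf for the three hosts in the question. This is an added example, not part of the thread: the interface names, macro names and tag name are assumptions, as is the premise that the upstream router delivers the address block to this machine and that forwarding is enabled (sysctl net.inet.ip.forwarding=1).

```pf
# Added example: filter-and-route with public addresses on both sides.
# There are deliberately no nat, rdr or binat lines, so packets keep
# their original source and destination addresses end to end.

ext_if = "fxp0"        # assumed name: NIC facing the T1
int_if = "fxp1"        # assumed name: NIC facing the switch

host_a = "123.45.67.81"    # ports 22, 80, 443
host_b = "123.45.67.82"    # port 22
host_c = "123.45.67.83"    # ports 22, 25, 110

# Default deny, logged, so anything not listed below is dropped and
# shows up on pflog0 for review.
block log all
pass quick on lo0 all

# A forwarded packet is filtered twice: inbound on $ext_if and again
# outbound on $int_if. The inbound rules carry the per-host policy and
# tag what they accept (tag name ALLOWED_IN is an assumption).
pass in on $ext_if inet proto tcp from any to $host_a \
    port { 22, 80, 443 } flags S/SA keep state tag ALLOWED_IN
pass in on $ext_if inet proto tcp from any to $host_b \
    port 22 flags S/SA keep state tag ALLOWED_IN
pass in on $ext_if inet proto tcp from any to $host_c \
    port { 22, 25, 110 } flags S/SA keep state tag ALLOWED_IN

# The outbound side only lets through what an inbound rule tagged, so
# the port policy lives in one place. Replies match the state entries
# created by these rules and need no rules of their own.
pass out on $int_if tagged ALLOWED_IN keep state
```

Syntax can be checked without loading the ruleset with `pfctl -nf /etc/pf.conf`. Connections initiated by the internal hosts are not covered here and stay blocked by the default deny.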