I have a problem with my PF configuration and I'm not sure what causes it, but most likely it is a NAT rules issue. I have a configuration like:

    ext_if="em0"
    int_if="em1"
    kit_if="sk0"
    nat_if="sk1"
    lo_if="lo0"
    tun_if0="tun0"
    tun_if1="tun1"
    tun_if2="tun2"
    tun_if3="tun3"

    # nat rules
    nat on $nat_if from $int_if:network to 1.1.1.0/24 -> ($nat_if)
    nat on $ext_if from $int_if:network to ! 1.1.1.0/24 -> ($ext_if)

The firewall works for a week, then it stops doing NAT properly on the $nat_if, as if the route is missing. After disabling and re-enabling PF it works again. I have a lot of firewalls working with the same pf.conf without the second nat and they work flawlessly. The box is a FreeBSD 6.1 machine. I'm really out of ideas and it would be great to hear your suggestions and ideas.

Thanks for the great software!