Hello Chris,
I didn't know the word hairpining, now I do.
No I don't want to do hairpining
MyLan <=> MyOpenbsd <= IPSec => Fortigate (on a lan behind a nat router) <=>
device I want to reach.
That device has a gateway that is not the fortigate so I had to nat the flow on
the Fortigate with th
Mik J [mikyde...@yahoo.fr] wrote:
> Hello,
> Is it possible to nat both source and destination IP on the same openbsd pf
> instance aka double nat ?
> If yes do someone has an example of it ?
are you trying to do "hairpin" NAT?
what are you trying to accomplish?
Hello,
Is it possible to nat both source and destination IP on the same openbsd pf
instance aka double nat ?
If yes do someone has an example of it ?
Thank you
On 2017/03/01 17:12, Frank White wrote:
> yes it works well. But it's very interesting the use of tag.
There might be another way to do it, but I stopped looking after I hit
upon one that worked :)
> Is egress:0 the if alias ?
It's the "main" address on the interface, so it's a single consistent
yes it works well. But it's very interesting the use of tag.
Is egress:0 the if alias ?
2017-03-01 16:09 GMT+01:00 Stuart Henderson :
> On 2017-03-01, Frank White wrote:
> > Hi,
> > anyone know how to configure pf to make hairpin nat ?
>
> Should be something like this.
>
> pass in quick inet
On 2017-03-01, Frank White wrote:
> Hi,
> anyone know how to configure pf to make hairpin nat ?
Should be something like this.
pass in quick inet proto tcp to self port 7755 rdr-to $SOMEHOST port 80 tag
hairpin
pass out quick inet tagged hairpin nat-to egress:0
On Wed, Mar 01, 2017 at 12:50:39PM +0100, Frank White wrote:
> Hi,
> anyone know how to configure pf to make hairpin nat ?
At first blush, no.
But after a quick web search, I can think of several equally opaque
terms for the same phenomenon. Some more useful than others.
A piece of general advi
Hi,
anyone know how to configure pf to make hairpin nat ?
Jonathan A. Lindsey wrote:
Here is what mine reads:
nat on fxp0 inet from 192.168.0.0/24 to any -> 69.254.129.192
BradenM - Sonoma Computer wrote:
Hi;
My knowledge of PF has grown a tad but, despite whatever I may or may-not have
learned, NAT still does not seem to be functioning and my int
Here is what mine reads:
nat on fxp0 inet from 192.168.0.0/24 to any -> 69.254.129.192
BradenM - Sonoma Computer wrote:
> Hi;
>
> My knowledge of PF has grown a tad but, despite whatever I may or may-not have
> learned, NAT still does not seem to be functioning and my internal lan
> computers cann
"BradenM - Sonoma Computer" <[EMAIL PROTECTED]> writes:
> pfctl -sn
> nat on rl0 inet from 192.168.0.0/24 to 192.168.0.1 -> 64.142.102.8
Looks bit odd to me. Are you sure you only want to nat for that
address? The corresponding output on my home gateway is
nat on xl0 inet from 192.168.10
On 5/16/07, BradenM - Sonoma Computer <[EMAIL PROTECTED]> wrote:
Hi;
My knowledge of PF has grown a tad but, despite whatever I may or may-not have
learned, NAT still does not seem to be functioning and my internal lan
computers cannot access the internet.
The NAT rule is as such:
pfctl -sn
nat
On Wed, May 16, 2007 at 09:55:13AM -0700, BradenM - Sonoma Computer wrote:
> The NAT rule is as such:
> pfctl -sn
> nat on rl0 inet from 192.168.0.0/24 to 192.168.0.1 -> 64.142.102.8
Try:
nat on rl0 inet from 192.168.0.0/24 to any -> 64.142.102.8
-ME
Hi;
My knowledge of PF has grown a tad but, despite whatever I may or may-not have
learned, NAT still does not seem to be functioning and my internal lan
computers cannot access the internet.
The NAT rule is as such:
pfctl -sn
nat on rl0 inet from 192.168.0.0/24 to 192.168.0.1 -> 64.142.102.8
Th
14 matches
Mail list logo
