Hey everyone!

I am sitting here with the following situation:

I just had to reinstall my OS X a while ago. Currently, this Mac Mini was used 
as a NAT router. It uses its Wi-Fi to connect to the dorm's internet, and is 
supposed to dish the data through its Ethernet port:

        Dorm's Wi-Fi -> Mac Mini -> Airport Express in bridge mode -> iPhone, Macbook, etc.

The reason why I need this is that the dorm enforces a rule which allows only 
one MAC address to be registered with their router. So in order to grant access 
to more devices, I need to use a NAT router. But here comes the tricky part. At 
some time, I wish to use a broadband dongle to offer the internet. Previously, 
I used the following dirty configuration file to manage that kind of 
„switching“ connection:


nat on en1 from en0:network to any -> (en1)
nat on en2 from en0:network to any -> (en2)
nat on ppp0 from en0:network to any -> (ppp0)
pass in from any to any
pass out from any to any


You can tell, I never used pfctl before, and only needed a dirty but working 
way of being able to switch my currently nat’ed internet… x)

But here is the problem.
With the new OS X update, the configuration files for pfctl changed, which 
means I am at a loss again.

So the pf.conf file now looks like this:


scrub-anchor "com.apple/*"
nat-anchor "com.apple/*"
rdr-anchor "com.apple/*"
dummynet-anchor "com.apple/*"
anchor "com.apple/*"
load anchor "com.apple" from "/etc/pf.anchors/com.apple"


When I try to append a similar block, but pointing to /etc/pf.anchors/SUBnet 
instead, I get syntax errors about the order of rules…so I am confused for good.

How do I add the „dirty“ hack from above into my pf.conf in order to keep 
NATing my internet?
Oh yeah, and Internet Sharing on OS X is broken. The DHCP service used does not 
dish out a proper lease, meaning that non-Apple clients are doomed.

Hope you can help me :)

Kind regards,
Ingwie
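
The ordering error described in the post, as an added example that is not part of the original message: pf expects statement classes in a fixed sequence, so a second anchor block appended after `anchor "com.apple/*"` puts translation statements behind a filter statement. This Python check flags the first out-of-order line; the anchor name "SUBnet", the sample layouts and the position of dummynet in the sequence are assumptions.

```python
# Statement classes in the order pf requires. Placing dummynet between
# translation and filtering is an assumption taken from the stock file above.
ORDER = ["options", "normalization", "queueing", "translation", "dummynet", "filtering"]
KEYWORDS = {
    "set": "options",
    "scrub": "normalization", "scrub-anchor": "normalization",
    "altq": "queueing", "queue": "queueing",
    "nat": "translation", "nat-anchor": "translation",
    "rdr": "translation", "rdr-anchor": "translation",
    "binat": "translation", "binat-anchor": "translation",
    "dummynet": "dummynet", "dummynet-anchor": "dummynet",
    "pass": "filtering", "block": "filtering", "anchor": "filtering",
}

def first_order_violation(conf_text):
    """Return (line_no, statement, its_class, class_already_seen) for the first
    statement that comes after a later class, or None if the order is valid."""
    highest = -1
    for line_no, raw in enumerate(conf_text.splitlines(), 1):
        line = raw.split("#", 1)[0].strip()
        if not line:
            continue
        cls = KEYWORDS.get(line.split()[0])
        if cls is None:  # macros, tables, "load anchor": not ranked here
            continue
        rank = ORDER.index(cls)
        if rank < highest:
            return (line_no, line, cls, ORDER[highest])
        highest = rank
    return None

# Constructed sample inputs: the stock file from the post, then two ways of
# adding a custom anchor (hypothetical name "SUBnet").
STOCK = "\n".join([
    'scrub-anchor "com.apple/*"', 'nat-anchor "com.apple/*"',
    'rdr-anchor "com.apple/*"', 'dummynet-anchor "com.apple/*"',
    'anchor "com.apple/*"',
    'load anchor "com.apple" from "/etc/pf.anchors/com.apple"',
])
LOAD_SUB = 'load anchor "SUBnet" from "/etc/pf.anchors/SUBnet"'
APPENDED = "\n".join([STOCK, 'nat-anchor "SUBnet"', 'anchor "SUBnet"', LOAD_SUB])
INTERLEAVED = "\n".join([
    'scrub-anchor "com.apple/*"', 'nat-anchor "com.apple/*"', 'nat-anchor "SUBnet"',
    'rdr-anchor "com.apple/*"', 'dummynet-anchor "com.apple/*"',
    'anchor "com.apple/*"', 'anchor "SUBnet"',
    'load anchor "com.apple" from "/etc/pf.anchors/com.apple"', LOAD_SUB,
])

if __name__ == "__main__":
    for name, text in [("appended", APPENDED), ("interleaved", INTERLEAVED)]:
        print(name, first_order_violation(text))
```

The check only ranks statement keywords; `pfctl -n -f /etc/pf.conf` parses a file without loading it and remains the authoritative test.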
