From owner-freebsd-pf@freebsd.org  Mon Mar 12 14:33:08 2018
Return-Path: <owner-freebsd-pf@freebsd.org>
Delivered-To: freebsd-pf@mailman.ysv.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
 by mailman.ysv.freebsd.org (Postfix) with ESMTP id 49AE6F4AEFF
 for <freebsd-pf@mailman.ysv.freebsd.org>; Mon, 12 Mar 2018 14:33:08 +0000 (UTC)
 (envelope-from ultima1252@gmail.com)
Received: from mail-lf0-x232.google.com (mail-lf0-x232.google.com
 [IPv6:2a00:1450:4010:c07::232])
 (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
 (Client CN "smtp.gmail.com",
 Issuer "Google Internet Authority G2" (verified OK))
 by mx1.freebsd.org (Postfix) with ESMTPS id B3A347E2AA
 for <freebsd-pf@freebsd.org>; Mon, 12 Mar 2018 14:33:07 +0000 (UTC)
 (envelope-from ultima1252@gmail.com)
Received: by mail-lf0-x232.google.com with SMTP id m69-v6so23553316lfe.8
 for <freebsd-pf@freebsd.org>; Mon, 12 Mar 2018 07:33:07 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025;
 h=mime-version:references:in-reply-to:from:date:message-id:subject:to
 :cc; bh=tijQckUsZmI3IlCUhKye6koRV6xzEjLo2PZgw5fzQhw=;
 b=acs7/W0wq1H0zRlxLf/YjPMInwmabtJpBUBGNprp9KJ6X6EBEgyhEl9YkmZBxxpFDE
 0IOan+AXCTWTMproC0K8hIFcHoekXZJWHKlAhQiodO/eWa+nq6ar56PiYpOQzt5S4R7K
 dTfy40ov0uOBGRl7U00K3epYCJ/yG3gtuTlDz19Npv+R0VwO5IHiElKpfXdNXrEKT00P
 +9Hg+9kk3Za+XZOE1vj4wgENk/7u9fjp6YFyVa8I5QY9DNnvxJ68Mpj/XxNTW25zDQh1
 vds5/tZsprklYj937uz1wougDLFckuePEIja1fnTsgECQf2N+YNF/hfUi4IhEshM6nEQ
 t/Mw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20161025;
 h=x-gm-message-state:mime-version:references:in-reply-to:from:date
 :message-id:subject:to:cc;
 bh=tijQckUsZmI3IlCUhKye6koRV6xzEjLo2PZgw5fzQhw=;
 b=Ac2b4jfEvAjto/Yn9Rs327V2Om+kuMOF6Pp8JINKS8sil+mFCWsHqvDpJTX84I2Oia
 oTu4Gd+2aJxzVmRF10wU6cxlwT7RsyREYyfzp3LiUe/MyIStxg2soa4Ea+XiSVE+VTj7
 99/sx5mYFvuZqIGzfUcxonb0j9j8hSx/9C9L3FQQ5RL1I0e+6xTMKpWh5TeVEXbSa+fG
 heh42FMWs/lQCwd/ZvC8gFX0caP2OP2yagCMgQSo4DWa2GC7DdN0t6BUX1C2cG/8OE0W
 dc2TWich2EkG7bLQUSQYnQk1NnpFOr1jsey8ZXi7g8SmszOEbQrYOsuHanmdNuL3URAB
 /xYg==
X-Gm-Message-State: AElRT7FBykEmv0z59GFTBdCzZFmZtZdac2jD06tOiCy2RinQh/vBgwf8
 J8IFj3j87N4yPVBde6iPnlYfXA4v4Y+dWAiGdKCH5A==
X-Google-Smtp-Source: AG47ELsvmiYi8an4WAYlaZAaE5FxBlILzvKyT+3ofoqzMAvRm4Fv3I7UB44uH9JDXrG6ayMLTjWtNdBgOh6fEEQV0sQ=
X-Received: by 10.46.7.26 with SMTP id 26mr5624154ljh.122.1520865186327; Mon,
 12 Mar 2018 07:33:06 -0700 (PDT)
MIME-Version: 1.0
References: <f6c9dffed567fdf0218ae34fc3097062@rickvanderzwet.nl>
In-Reply-To: <f6c9dffed567fdf0218ae34fc3097062@rickvanderzwet.nl>
From: Ultima <ultima1252@gmail.com>
Date: Mon, 12 Mar 2018 14:32:52 +0000
Message-ID: <CANJ8om4kYPUQVDZw9PndyHf7Skhz=wdPfL+ybyNujmZKD5A_FQ@mail.gmail.com>
Subject: Re: NAT possible with single interface box?
To: Rick van der Zwet <info@rickvanderzwet.nl>
Cc: freebsd-pf@freebsd.org
Content-Type: text/plain; charset="UTF-8"
X-Content-Filtered-By: Mailman/MimeDel 2.1.25
X-BeenThere: freebsd-pf@freebsd.org
X-Mailman-Version: 2.1.25
Precedence: list
List-Id: "Technical discussion and general questions about packet filter
 \(pf\)" <freebsd-pf.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/freebsd-pf>,
 <mailto:freebsd-pf-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-pf/>
List-Post: <mailto:freebsd-pf@freebsd.org>
List-Help: <mailto:freebsd-pf-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/freebsd-pf>,
 <mailto:freebsd-pf-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Mon, 12 Mar 2018 14:33:08 -0000

Please provide netstat -nr. If you have more in pf.conf, please provide
this too.

On Mon, Mar 12, 2018, 6:28 AM Rick van der Zwet <info@rickvanderzwet.nl>
wrote:

> Hi,
>
> Could NAT translation be done with a single interface system without the
> use of VLANs?
>
> I have ,a rather odd, (simplified) network configuration:
>    - single interface system (Router) which has two private IP addresses
> 172.16.0.10/24 and 192.168.1.10/24.
>    - The gateway (to the internet) is found at 192.168.1.1
>    - The Client with IP 172.16.0.20/24
> The Client (cannot be modified) is supposed to connect to the internet
> via the Router.
>
>
> My pf rules on Router are:
>    nat on sis0 inet proto tcp from 172.16.0.0/24 to !172.16.0.0/24 ->
> 192.168.1.10
>
>
> Router is configured to allow routing:
>    net.inet.ip.forwarding=1
>
>
> pf.conf(5) tell me it will do translation on pass through packets:
>       Translation rules apply only to packets that pass through the
> specified
>       interface,        and if no interface is specified, translation is
> applied
> to
>       packets on        all interfaces.
>
>
> Looking at tcpdump of the router I do not see packages been translated
> yet only being forwarded, which leaves me wondering could this be done
> at all?
>
> Best regards,
> -Rick
>
>
>
>
> _______________________________________________
> freebsd-pf@freebsd.org mailing list
> https://lists.freebsd.org/mailman/listinfo/freebsd-pf
> To unsubscribe, send any mail to "freebsd-pf-unsubscribe@freebsd.org"
>