From owner-freebsd-pf@FreeBSD.ORG  Mon Jul 13 12:05:24 2009
Return-Path: <owner-freebsd-pf@FreeBSD.ORG>
Delivered-To: freebsd-pf@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id EB18610656DD
	for <freebsd-pf@freebsd.org>; Mon, 13 Jul 2009 12:05:24 +0000 (UTC)
	(envelope-from mksmith@adhost.com)
Received: from mail-defer01.adhost.com (mail-defer01.adhost.com
	[216.211.128.176])
	by mx1.freebsd.org (Postfix) with ESMTP id C47FD8FC15
	for <freebsd-pf@freebsd.org>; Mon, 13 Jul 2009 12:05:24 +0000 (UTC)
	(envelope-from mksmith@adhost.com)
Received: from mail-in04.adhost.com (mail-in04.adhost.com [10.212.3.14])
	by mail-defer01.adhost.com (Postfix) with ESMTP id 95AB178144
	for <freebsd-pf@freebsd.org>; Mon, 13 Jul 2009 04:47:32 -0700 (PDT)
	(envelope-from mksmith@adhost.com)
Received: from ad-exh01.adhost.lan (exchange.adhost.com [216.211.143.69])
	by mail-in04.adhost.com (Postfix) with ESMTP id 9DA68614F80;
	Mon, 13 Jul 2009 04:47:31 -0700 (PDT)
	(envelope-from mksmith@adhost.com)
X-MimeOLE: Produced By Microsoft Exchange V6.5
Content-class: urn:content-classes:message
MIME-Version: 1.0
Content-Type: text/plain;
	charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
Date: Mon, 13 Jul 2009 04:47:27 -0700
Message-ID: <17838240D9A5544AAA5FF95F8D520316065A8437@ad-exh01.adhost.lan>
In-Reply-To: <20090712155707.4925813c@overlord>
X-MS-Has-Attach: 
X-MS-TNEF-Correlator: 
Thread-Topic: pf between two lans
Thread-Index: AcoC/AiOPpojH1azQVmBRwCzzuS/0QAs0wCQ
References: <3228ef7c0907111044i55b965d3me10ad146314517bf@mail.gmail.com>
	<20090712155707.4925813c@overlord>
From: "Michael K. Smith - Adhost" <mksmith@adhost.com>
To: "Aleksic Predrag" <apetar@gmail.com>,
	<freebsd-pf@freebsd.org>
Cc: 
Subject: RE: pf between two lans
X-BeenThere: freebsd-pf@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: "Technical discussion and general questions about packet filter
	\(pf\)" <freebsd-pf.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-pf>,
	<mailto:freebsd-pf-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-pf>
List-Post: <mailto:freebsd-pf@freebsd.org>
List-Help: <mailto:freebsd-pf-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-pf>,
	<mailto:freebsd-pf-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Mon, 13 Jul 2009 12:05:31 -0000

Hello Aleksic:
>=20
> no nat on $extIF inet proto {tcp, udp} from $intIF:network to
> $intIF2:network
> no nat on $extIF inet proto {tcp, udp} from $intIF2:network to
> $intIF:network
>=20
If nothing else, these rules won't match because the traffic isn't
traversing the External Interface.

no nat on $intIF2 inet proto {tcp, udp} from $intIF:network to
$intIF2:network
no nat on $intIF inet proto {tcp, udp} from $infIF2:network to
$intIF:network

Regards,

Mike