Date: Mon, 17 Oct 2011 16:09:03 +0200
From: Damien Fleuriot
To: freebsd-pf@freebsd.org
Subject: Re: PF & Inside NAT

On 10/17/11 2:50 PM, Eric Masson wrote:
> Hello,
>
> Does the PF 4.5 port present in -current & 9-STABLE support inside NAT
> please (somewhat like the reverse nat available with libalias)?
>
> Kind Regards
>
> Éric Masson
>

I totally did not understand whatever you're trying to say.
In other words, I didn't understand a thing.

What do you call "inside nat"?

If you're referring to the mechanism where a client calls a public IP on your firewall, and PF rewrites it to an internal IP, what you want is the rdr mechanism.

These will still work, seeing as the new rules syntax for PF only appears in 4.7.
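
The rdr mechanism mentioned in the reply above, sketched as a pf.conf fragment in the pre-4.7 syntax, with the 4.7+ `rdr-to` form beside it for comparison. This is an added example, not part of the original message; the interface name, macro names and both addresses are placeholders.

```conf
# Constructed example: em0 and both addresses are placeholders.
ext_if  = "em0"
ext_ip  = "203.0.113.10"     # public address on the firewall
web_srv = "192.168.1.10"     # internal host receiving the traffic

# PF up to 4.6 (includes the 4.5 import asked about): separate rdr rule.
# Translation is applied before filtering, so the pass rule has to match
# the rewritten (internal) destination, not $ext_ip.
rdr on $ext_if proto tcp from any to $ext_ip port 80 -> $web_srv port 80
pass in on $ext_if proto tcp from any to $web_srv port 80 keep state

# PF 4.7 and later: translation is an option on a match/pass rule.
# Shown commented out because the two syntaxes cannot share one ruleset.
# pass in on $ext_if proto tcp from any to $ext_ip port 80 rdr-to $web_srv port 80
```

`pfctl -nf /etc/pf.conf` parses the ruleset without loading it, and `pfctl -s nat` lists the translation rules once loaded.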