Date: Fri, 25 Aug 2006 17:11:29 +0200 From: phoemix@harmless.hu (Gergely CZUCZY) To: Bruno Bandeira <bbandeira@gmail.com> Cc: freebsd-pf@freebsd.org Subject: Re: Newbie Message-ID: <20060825151129.GA8815@marvin.harmless.hu> In-Reply-To: <130a355b0608250801n6762c91dk159f4880835f8bdd@mail.gmail.com> References: <130a355b0608250801n6762c91dk159f4880835f8bdd@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
[-- Attachment #1 --] On Fri, Aug 25, 2006 at 12:01:26PM -0300, Bruno Bandeira wrote: > Hey Guys, > > I am newbie in pf world, so i need to put my network to access internet .... > > My gateway is a freebsd machine, and i have a few questions... PS: I have > read the manual =) also read this: http://www.openbsd.org/faq/pf/ > I need to nat my network.How can i do this? I try this.. > > nat on $ext_if from $rede to any -> ($ext_if) let's parse this: +nat: this means, you will perform a NAT action, Network Address Translation +on $ext_if: on those packets which arrive on your $ext_if to your machine +from $rede: from the source of $rede (it's usually a CIDR) +to any: they go to anywhere, aka 0/0 +-> ($ext_if): after translation they will have the address of the interface $ext_if hint: check the "on" part of the rule > My default policy is: > > block in all > > And the statefull spection > > pass out keep state that looks good. also read the faq, there are examples for this IIRC. Bye, Gergely Czuczy mailto: gergely.czuczy@harmless.hu PGP: http://phoemix.harmless.hu/phoemix.pgp Weenies test. Geniuses solve problems that arise. [-- Attachment #2 --] -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.1 (GNU/Linux) iD8DBQFE7xMhbBsEN0U7BV0RAubyAKDhSSDRYuP8c7UJUpTqi5ZyI7JmCACg0MOq ZqVHafut/cpfKTNQQK4Uyj4= =Gff1 -----END PGP SIGNATURE-----
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20060825151129.GA8815>