Skip site navigation (1)Skip section navigation (2) 
Date:      Fri, 25 Aug 2006 17:11:29 +0200
From:      phoemix@harmless.hu (Gergely CZUCZY)
To:        Bruno Bandeira <bbandeira@gmail.com>
Cc:        freebsd-pf@freebsd.org
Subject:   Re: Newbie
Message-ID:  <20060825151129.GA8815@marvin.harmless.hu>
In-Reply-To: <130a355b0608250801n6762c91dk159f4880835f8bdd@mail.gmail.com>
References:  <130a355b0608250801n6762c91dk159f4880835f8bdd@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help 

--VS++wcV0S1rZb1Fb
Content-Type: text/plain; charset=utf-8
Content-Disposition: inline

On Fri, Aug 25, 2006 at 12:01:26PM -0300, Bruno Bandeira wrote:
> Hey Guys,
>
> I am newbie in pf world, so i need to put my network to access internet ....
>
> My gateway is a freebsd machine, and i have a few questions... PS: I have
> read the manual =)
also read this: http://www.openbsd.org/faq/pf/

> I need to nat my network.How can i do this? I try this..
>
> nat on $ext_if from $rede to any -> ($ext_if)
let's parse this:
+nat: this means, you will perform a NAT action, Network Address Translation
+on $ext_if: on those packets which arrive on your $ext_if to your machine
+from $rede: from the source of $rede (it's usually a CIDR)
+to any: they go to anywhere, aka 0/0
+-> ($ext_if): after translation they will have the address of the interface $ext_if

hint: check the "on" part of the rule

> My default policy is:
>
> block in all
>
> And the statefull spection
>
> pass out keep state
that looks good. also read the faq, there are examples for this IIRC.

Bye,

Gergely Czuczy
mailto: gergely.czuczy@harmless.hu
PGP: http://phoemix.harmless.hu/phoemix.pgp

Weenies test. Geniuses solve problems that arise.

--VS++wcV0S1rZb1Fb
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: Digital signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (GNU/Linux)

iD8DBQFE7xMhbBsEN0U7BV0RAubyAKDhSSDRYuP8c7UJUpTqi5ZyI7JmCACg0MOq
ZqVHafut/cpfKTNQQK4Uyj4=
=Gff1
-----END PGP SIGNATURE-----

--VS++wcV0S1rZb1Fb--

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20060825151129.GA8815>