Date: Mon, 24 Jan 2005 22:03:01 +0100 From: Max Laier <max@love2party.net> To: freebsd-pf@freebsd.org Subject: Re: Dynamic Addresses and PF Message-ID: <200501242203.10228.max@love2party.net> In-Reply-To: <200501241541.41601.pathiaki@pathiaki.com> References: <200501241541.41601.pathiaki@pathiaki.com>
next in thread | previous in thread | raw e-mail | index | archive | help
[-- Attachment #1 --]
On Monday 24 January 2005 21:41, Paul J. Pathiakis wrote:
> Hi,
>
> if I'm using a DSL dynamic address, on an external i/f, should I be using
> the parentheses everywhere?
>
> ext_if2 = "tun0"
> ext_gw2 = "70.1.2.3"
>
> That is, on a NAT rule such as:
>
> nat on $ext_if2 from $lan_net2 to any -> ($ext_if2)
>
> should I write it as:
>
> nat on ($ext_if2) from $lan_net2 to any -> ($ext_if2)
>
> ?
No. The dynamic address modifier does not apply to the "on ifspec" part. The
first rule is correct, the second one won't parse.
> Also, since ext_if2 is declared as "tun0" for a DSLconnection, is there a
> way to replace ext_gw2 in all my rules be something like ($ext_if2)?
>
> That is, could I do this:
>
> ext_gw2 = ($ext_if2)
>
> at the beginning of declarations to allow the ext_gw2 variable to be set to
> the dynamic IP address of the ext_if2?
>
> Is this possible?
Yes it is. You'd do:
ext_if=tun0
ext_gw="(" $ext_if ")"
be careful with the whitespaces on that.
--
/"\ Best regards, | mlaier@freebsd.org
\ / Max Laier | ICQ #67774661
X http://pf4freebsd.love2party.net/ | mlaier@EFnet
/ \ ASCII Ribbon Campaign | Against HTML Mail and News
[-- Attachment #2 --]
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.0 (FreeBSD)
iD8DBQBB9WKOXyyEoT62BG0RArFeAJ9P3Xi83UYjjyQlIyZwP9JXDgtbKwCfTL15
7kA8ky8mRKz12/s1Nezq+NM=
=2avo
-----END PGP SIGNATURE-----
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200501242203.10228.max>