From: Tiago Cruz
To: Dimitry Andric
Cc: freebsd-pf@FreeBSD.org
Subject: Re: Dirty NAT tricks
Date: Thu, 23 Feb 2006 11:19:54 -0300
Message-Id: <1140704394.4824.13.camel@localhost.localdomain>
In-Reply-To: <43FC7E4E.1070103@andric.com>
References: <1140612265.5617.25.camel@localhost.localdomain> <43FC7E4E.1070103@andric.com>

On Wed, 2006-02-22 at 16:07 +0100, Dimitry Andric wrote:

> Read pf.conf(5), especially the parts about binat. This is probably
> what you want.

Ok, thank you... I'm reading about but think that I some of some example... reading the FAQ of OpenVPN I saw this one:

=======================================================================================
Does anybody know how to remap local addresses, if I want to connect two networks with an overlap in the private address range?
Using iptables 1.2.7a+ and the NETMAP target:

    iptables -t nat -A PREROUTING -d 192.168.0.0/24 -j NETMAP --to 192.168.1.0/24

or

    iptables -t nat -A POSTROUTING -d 192.168.1.0/24 -j NETMAP --to 192.168.0.0/24
=======================================================================================

Maybe it is something like this?

    binat on $vpn_if from any to 192.168.0.1 -> 192.168.1.0

But... I have this error:

    pfctl: Syntax error in config file: pf rules not loaded

Well... I'm a little bit lost... if someone has a tip...

Thanks!

-- 
Tiago Cruz
http://linuxrapido.org
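
The one-to-one remapping that the NETMAP rules quoted in the message perform, modelled as an added example (not part of the original message or of the OpenVPN FAQ): the network bits are swapped and the host bits are kept, once per direction. The function names, the REAL/ALIAS roles and the peer address 10.8.0.1 are assumptions made for the illustration.

```python
import ipaddress

# Constructed scenario: the remote LAN really uses 192.168.0.0/24, which
# overlaps the local LAN, so across the VPN it is presented as 192.168.1.0/24.
REAL = "192.168.0.0/24"
ALIAS = "192.168.1.0/24"


def netmap(addr, src_net, dst_net):
    """Rewrite addr from src_net into dst_net, keeping the host bits.

    Addresses outside src_net are returned unchanged (the rule does not match).
    """
    ip = ipaddress.ip_address(addr)
    src = ipaddress.ip_network(src_net)
    dst = ipaddress.ip_network(dst_net)
    # A 1:1 mapping only exists between blocks of the same family and size.
    if src.version != dst.version or src.prefixlen != dst.prefixlen:
        raise ValueError("1:1 mapping needs two blocks of the same size")
    if ip not in src:
        return str(ip)
    host_bits = int(ip) & int(src.hostmask)
    return str(dst.network_address + host_bits)


def translate(packet, direction):
    """Apply the mapping to a (source, destination) pair on the VPN interface."""
    src, dst = packet
    if direction == "out":   # leaving towards the VPN: real source -> alias
        return (netmap(src, REAL, ALIAS), dst)
    if direction == "in":    # arriving from the VPN: alias destination -> real
        return (src, netmap(dst, ALIAS, REAL))
    raise ValueError("direction must be 'in' or 'out'")


if __name__ == "__main__":
    request = ("10.8.0.1", "192.168.1.37")       # peer addresses the alias
    delivered = translate(request, "in")
    reply = translate((delivered[1], delivered[0]), "out")
    print(request, "->", delivered)
    print("reply leaves as", reply)
```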