Date: Fri, 2 Apr 2021 21:36:04 +0100 From: Frank Leonhardt <frank2@fjl.co.uk> To: freebsd-questions@freebsd.org Subject: Re: pf or ipfw for NAT Message-ID: <1ff607ca-79cc-3072-831c-54659920e9dc@fjl.co.uk> In-Reply-To: <20210402210356.637a3ed714957fb9c5fdfa3a@sohara.org> References: <50dcf18d-f9c3-71c2-abb0-eed8f1b5e192@fjl.co.uk> <20210402210356.637a3ed714957fb9c5fdfa3a@sohara.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On 02/04/2021 21:03, Steve O'Hara-Smith wrote: > On Fri, 2 Apr 2021 20:17:58 +0100 > Frank Leonhardt <freebsd-doc@fjl.co.uk> wrote: > >> For longer than I care to remember (FreeBSD 2) I've implemented a >> physical asymmetric nat gateway using natd and ipfw. I just do what the >> user guide says and it works. > Yes it does and that's fine. > >> Am I using ipfw/natd for historical reasons? Can I do the same with pf? > Yes you can the relevant line in my pf.conf is: > > nat on $ext_if inet from !($ext_if) -> ($ext_if:0) Thanks Steve. Any idea whether I need to enable the gateway when using pf instead? e.g. sysctl net.inet.ip.forwarding=1 Thanks, Frank.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?1ff607ca-79cc-3072-831c-54659920e9dc>