View Single Post
  #7   (View Single Post)  
Old 21st October 2011
jggimi's Avatar
jggimi jggimi is offline
More noise than signal
 
Join Date: May 2008
Location: USA
Posts: 7,977
Default

Here is a two line pf.conf. It has not been tested.

Line #1 performs Network Address Translation for packets destined for your gateway network (the network with your default route). This is the network on your vr0 interface, though that name is not needed if one uses the "egress" interface group.

Line #2 passes all packets, making this a Default Allow ruleset.
Code:
match out on egress inet from !(egress:network) to any nat-to (egress:0)
pass all
Reply With Quote