View Single Post
  #3   (View Single Post)  
Old 14th February 2009
BSDfan666 BSDfan666 is offline
Real Name: N/A, this is the interweb.
Banned
 
Join Date: Apr 2008
Location: Ontario, Canada
Posts: 2,223
Default

I wanted to say no at first, but I'm not so sure J65nko.. but I can't confirm this either.

In the PF FAQ the following is mentioned for the ext_addr member of the nat keyword.

Quote:
Originally Posted by http://www.openbsd.org/faq/pf/nat.html#config
1) The name of the external network interface in parentheses ( ). This tells PF to update the rule if the IP address(es) on the named interface changes. This is highly useful when the external interface gets its IP address via DHCP or dial-up as the ruleset doesn't have to be reloaded each time the address changes.

2) The name of a network interface followed by either one of these modifiers:

* : network - substitutes the CIDR network block (e.g., 192.168.0.0/24)
* : peer - substitutes the peer's IP address on a point-to-point link

In addition, the :0 modifier can be appended to either an interface name or to any of the above modifiers to indicate that PF should not include aliased IP addresses in the substitution. These modifiers can also be used when the interface is contained in parentheses. Example: fxp0:network:0.
Still, I'm not sure how this would work though.. perhaps like:
nat on vr0 inet from 192.168.0.0/16 to any -> (vr0:network:0).

Comments?
Reply With Quote