DaemonForums  

Go Back   DaemonForums > OpenBSD > OpenBSD Security

OpenBSD Security Functionally paranoid!

 
 
Thread Tools Display Modes
Prev Previous Post   Next Post Next
  #1   (View Single Post)  
Old 6th August 2012
imnoboist imnoboist is offline
New User
 
Join Date: Aug 2012
Posts: 4
Default OpenBSD pf NAT question

I'm confused about how NAT is working. I currently have the following line:
match out on $ext_if from !(egress:network) to any nat-to $default_out

Which works. $default_out is one of the static IP addresses assigned to $ext_if.

However, I have certain systems that I want to go out of a different IP address (I have five statics). I tried this:
match out on $ext_if from 172.16.111.1 to any nat-to $static2

where $static2 is a different static address. After loading the ruleset, when I browse with 172.16.111.1, when I google "ip" it shows the address from $default_out.

I've tried adding the quick keyword to the $static2 NAT and moving it above the $default_out NAT but no beans.

Why isn't this working?

Is there another way I can NAT specific internal addresses to external addresses other than $default_out?

TIA
Reply With Quote
 

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
OpenBSD Packages question shep OpenBSD Packages and Ports 4 9th March 2011 03:27 AM
Question about installing OpenBSD as Firewall afcelie OpenBSD Installation and Upgrading 12 3rd January 2011 09:18 PM
OpenBSD release to -current: Xenocara question IronForge OpenBSD Installation and Upgrading 4 1st September 2009 05:44 PM
Enlightenment e17 on OpenBSD (Question about current ports) uptonm OpenBSD Packages and Ports 2 17th June 2009 09:12 PM
external drive partition question + fdisk question gosha OpenBSD General 15 15th June 2009 02:00 PM


All times are GMT. The time now is 11:09 AM.


Powered by vBulletin® Version 3.8.4
Copyright ©2000 - 2024, Jelsoft Enterprises Ltd.
Content copyright © 2007-2010, the authors
Daemon image copyright ©1988, Marshall Kirk McKusick