Re: PF without NAT : filtering, but leaving IP address the same

On Fri, 2004-09-10 at 00:02, Miles Keaton wrote:
> All the PF examples and even Jacek's book seem to assume you want to
> do NAT : the small-office setup : the one public IP and many
> 192.168.0.__ IPs inside.
> But how would PF be used as a router with many incoming IP addresses
> and many receiving IP addresses?
> Say I have incoming:  from to on a T1 connection.
> One OpenBSD/PF machine is receiving that input on a single NIC card,
> and wants to send out some traffic on another NIC card connected to a
> switch like this:
> incoming allow port 22,80,443 to go to internal
> incoming allow port 22 to go to internal
> incoming allow port 22,25,110 to go to internal
> Can PF do this kind of filter-and-route without doing NAT?
> If so, any URLs of examples?  I can only find examples with NAT.
> Thanks!

I'm probably totally missing the point of your post, but here goes:
Read all that same info and ignore the nat, rdr, and binat statements.
pf's filtering does not rely on nat in any way, shape or form.

We don't smoke and we don't chew, and we don't go with girls that do. --
Walter Summers
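
A filter-only pf.conf for the routed setup asked about above, as an added example that is not part of the original thread. The interface names and the 192.0.2.x addresses (documentation range) are assumptions standing in for the addresses missing from the question; the port lists are the ones from the question.

```conf
# /etc/pf.conf -- routing firewall, no address translation.
# Assumption: packet forwarding is enabled on the router
# (net.inet.ip.forwarding=1 in /etc/sysctl.conf).

ext_if = "fxp0"          # assumed name: NIC facing the T1
int_if = "fxp1"          # assumed name: NIC facing the switch

# Constructed placeholder addresses for the three internal hosts.
host_a = "192.0.2.10"    # ports 22, 80, 443
host_b = "192.0.2.11"    # port 22
host_c = "192.0.2.12"    # ports 22, 25, 110
servers = "{" $host_a $host_b $host_c "}"

# There are deliberately no nat, rdr or binat rules in this file:
# packets keep their original source and destination addresses.

# Default deny in both directions on both interfaces.
block log all
pass quick on lo0 all

# Inbound connections arriving on the external interface,
# limited to the listed ports per destination host.
pass in on $ext_if inet proto tcp from any to $host_a \
    port { 22, 80, 443 } flags S/SA keep state
pass in on $ext_if inet proto tcp from any to $host_b \
    port 22 flags S/SA keep state
pass in on $ext_if inet proto tcp from any to $host_c \
    port { 22, 25, 110 } flags S/SA keep state

# The same packets are filtered again when they leave on the
# internal interface, so that direction needs a matching pass rule.
pass out on $int_if inet proto tcp from any to $servers \
    port { 22, 25, 80, 110, 443 } flags S/SA keep state

# Connections the internal hosts originate themselves.
pass in  on $int_if inet from $servers to any keep state
pass out on $ext_if inet from $servers to any keep state
```

Running `pfctl -nf /etc/pf.conf` parses the file without loading it; `pfctl -sr` lists the loaded rules.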