[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Fwd: Re: nat ip mac]



On Mon, August 15, 2005 10:37 am, Glaucius Djalma Pereira Junior said:
> hi guys
>
> how can I create a single nat rule to allow nat to a single machine
using source IP and source MAC
>
> nat on xl0 from 10.1.1.1 to any -> 200.200.200.1
>
> but I would like to allow just 10.1.1.1 using the MAC address
> 00:ff:0f:ba:54:00.
>
> how can I do it ?
Is anyone else allowed to use 10.1.1.1 for any other use?  If not, it is
probably easiest to seperate this into two problems:
Only only MAC address 00:ff:0f:ba:54:00 is allowed 10.1.1.1
Only 10.1.1.1 is allowed a certain nat.
PF solves the secound problem, but the first is probably best fobbed of on
your DHCP server.  (Though I'm not sure that's foolproof.  There are
probably more steps in that then I am thinking of.)
Daniel T. Staal
---------------------------------------------------------------
This email copyright the author.  Unless otherwise noted, you
are expressly allowed to retransmit, quote, or otherwise use
the contents for non-commercial purposes.  This copyright will
expire 5 years after the author's death, or in 30 years,
whichever is longer, unless such a period is in excess of
local copyright law.
---------------------------------------------------------------