[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: PF - problem with NAT & policy based rules
Chad M Stewart wrote:
I'm building a new firewall, or rather an HA pair using OpenBSD, pf,
carp, pfsync, etc.. I'm writing a new pf.conf configuration as well.
I'm trying to do policy based rules (i.e. tagging), using the PF FAQ
(ftp://ftp.openbsd.org/pub/OpenBSD/doc/pf-faq.txt) and in the example
it has the following line to setup NAT.
nat on $ext_if tagged LAN_INET tag LAN_INET_NAT -> ($ext_if)
It's just how the parser works. Specify "tag" before "tagged". The
documentation is incorrect.