[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: PF - problem with NAT & policy based rules

Chad M Stewart wrote:
I'm building a new firewall, or rather an HA pair using OpenBSD, pf, carp, pfsync, etc.. I'm writing a new pf.conf configuration as well. I'm trying to do policy based rules (i.e. tagging), using the PF FAQ (ftp://ftp.openbsd.org/pub/OpenBSD/doc/pf-faq.txt) and in the example it has the following line to setup NAT.

nat on $ext_if tagged LAN_INET tag LAN_INET_NAT -> ($ext_if)

It's just how the parser works. Specify "tag" before "tagged". The documentation is incorrect.