On 2016/08/12 10:15, Sonic wrote: > On Fri, Aug 12, 2016 at 8:19 AM, Petr Topiarz <[email protected]> wrote: > > where should be: > > pass out on tl0 from 192.168.1.0/24 to any nat-to 198.51.100.79 > > block out on tl0 from 192.168.1.208 to any > > I think you're mistaken, your rule blocks 192.168.1.208, whereas the > example serves to pass 192.168.1.208 but not NAT it.
Correct.
