On Tue, 27 Oct 2009 06:51:26 -0700 (PDT)
Dánielisz László <laszlo_daniel...@yahoo.com> wrote:

> Let's say I have two NICs in my PC: ext_if (for wan/pppoe connection) and 
> int_if for my LAN.
> How would you manage to get work NAT with pf using PPPoE from my ISP

As a start your pf.conf could look a bit like this:
#####
ext_if = "tun0"
int_if = "em1"
localnet = $int_if:network

set block-policy return
set skip on lo0

scrub in all

nat on $ext_if from $localnet to any -> ($ext_if)

antispoof for ($ext_if)
antispoof for $int_if

block in log all

pass inet from { lo0, $localnet } to any
pass out on $ext_if all
#####

Andreas
--
GnuPG key  : 0x2A573565    |    http://www.gnupg.org/howtos/de/
Fingerprint: 925D 2089 0BF9 8DE5 9166  33BB F0FD CD37 2A57 3565

Attachment: pgpxqmJCP5t4d.pgp
Description: PGP signature

Reply via email to