Hey.
On 06/11/2011, Gholam Mostafa Faridi <mostafafar...@gmail.com> wrote:
>
> NAT1 = "10.10.10.194"
>
> paltalk1 = "{ 192.168.0.20, 192.168.0.21, 192.168.0.22 }"
>
> match out on egress inet from !(paltalk1) to any nat-to (NAT1)
>
> much different is in NAT rule , and other things is simillar old pf.
>
> I have 27 valid IPs or static IPs , and I have to put many lines in my
> pf.conf
>
>
> I want three invalid IPs assigned to one Valid or static IP. for example
> if my valid IP is 10.10.10.1 , I need these IPs 192.168.0.1 ,
> 192.168.0.2 , 192.168.0.3 assigned to 10.10.10.1
>
>
> this is my net work digram
> |
> |
> |
> ------------|------------
> 10.10.10.192/27
> external
>
> OpenBSD pf firewall
>
> internal
> 192.168.168.0.1/24
> ------------|------------
> |
> |
> |
>
http://www.openbsd.org/cgi-bin/man.cgi?query=pf.conf&sektion=5&manpath=OpenBSD+5.0#EXAMPLES
Looking really quickly this is wrong:
> match out on egress inet from !(paltalk1) to any nat-to (NAT1)
! == NOT
$ == MACRO
match out on egress inet from ($paltalk1) to any nat-to ($NAT1)
BTW, they are public and private addresses, not valid and invalid.
Static is something different again (does not change in contrast to
dynamic, i.e. DHCP),
> best wishes,
> mfaridi
>
Action learning is an educational process whereby the participant
studies their own actions and experience in order to improve
performance. Learners acquire knowledge through actual actions and
repetitions, rather than through traditional instruction.
http://en.wikipedia.org/wiki/Action_learning
To study and not think is a waste. To think and not study is dangerous.
http://en.wikiquote.org/wiki/Confucius
Best wishes.
