On Tue, Aug 05, 2014 at 06:19:59PM +0200, Vigdis wrote:
> Hello,
>
> I tried to parse (with pfctl -nvf) the rule
>
> match on enc0 from 192.168.1.0/24 to 192.168.2.0/24 nat-to 10.10.10.1
>
> and all I got was:
>
> pf.tmp:1: nat-to and rdr-to require a direction
> pf.tmp:1: skipping rule due to errors
> pf.tmp:1: rule expands to no valid combination
>
> So I guess what's missing is "out":
>
Thanks, your diff is right.
>
> Index: src/sbin/iked/iked.conf.5
> ===================================================================
> RCS file: /cvs/src/sbin/iked/iked.conf.5,v
> retrieving revision 1.32
> diff -u -p -r1.32 iked.conf.5
> --- src/sbin/iked/iked.conf.5 6 May 2014 13:09:18 -0000
> 1.32 +++ src/sbin/iked/iked.conf.5 4 Aug 2014 12:40:05 -0000
> @@ -718,7 +718,7 @@ a relevant NAT rule is required in
> For the example above,
> this would be:
> .Bd -literal -offset indent
> -match on enc0 from 192.168.1.0/24 to 192.168.2.0/24 nat-to 10.10.10.1
> +match out on enc0 from 192.168.1.0/24 to 192.168.2.0/24 nat-to
> 10.10.10.1 .Ed
> .Pp
> From the peer's point of view,
>
>
> --------------------------------------------------
>
> I tried to parse (hostapd -dv -f) the example in hostapd.conf and I got:
>
> hostapd.tmp:4: syntax error
> invalid configuration in hostapd.tmp
> bye!
>
> So the patch is:
>
> Index: hostapd.conf.5
> ===================================================================
> RCS file: /cvs/src/usr.sbin/hostapd/hostapd.conf.5,v
> retrieving revision 1.42
> diff -u -p -r1.42 hostapd.conf.5
> --- hostapd.conf.5 3 Sep 2013 20:44:01 -0000 1.42
> +++ hostapd.conf.5 5 Aug 2014 10:51:56 -0000
> @@ -798,8 +798,8 @@ For example:
> .Bd -literal -offset indent
> # Assign IP addresses to layer 2 addresses
> table <clients> {
> - 00:02:6f:42:d0:01 -> 172.23.5.1/30
> - 00:05:4e:45:d3:b8 -> 172.23.5.4/30
> + 00:02:6f:42:d0:01 -> 172.23.5.1/30,
> + 00:05:4e:45:d3:b8 -> 172.23.5.4/30,
> 00:04:2e:12:03:e0 -> 172.23.5.8/30
> }
>
>
> Cheers,
> --
> Vigdis
>
--
