On 29/05/2026 13:04, Henning Brauer wrote: > * Kapetanakis Giannis <[email protected]> [2026-05-27 15:49]: >> The whole thing makes sense, it is just the FAQ that confused me, since I >> never used match rules before.\ > diffs welcome ;) Reading again the nat faq, a couple of lines before it has it correctly:
The general format in |pf.conf| looks something like this: match out on interface [af] \ from src_addr to dst_addr \ nat-to ext_addr [pool_type] [static-port] [...] pass out [log] on interface [af] [proto protocol] \ from *ext_addr* [port src_port] \ to dst_addr [port dst_port] So for now, only that part need to be fixed later on --- /tmp/nat.html 2026-05-29 16:08:36.608122404 +0300 +++ nat.html 2026-05-29 16:09:11.295008459 +0300 @@ -336,7 +336,7 @@ <pre class="cmdbox"> match out on tl0 from 192.168.1.0/24 to any nat-to 198.51.100.1 -pass on tl0 from 192.168.1.0/24 to any +pass on tl0 from 198.51.100.1 to any </pre> Or the following may be used:
