On Fri, Aug 10, 2007 at 12:18:36AM +0100, poncenby wrote:
> List
>
> What options are there when you have multiple IP addresses and 1 OpenBSD
> 4.1 box with two NICs acting as a firewall? The Internet goes into NIC1
> and a switch (with boxes plugged in) goes into NIC2 (10/8 address range).
> Is the alias command used in hostname.if files the only way of utilising
> these multiple IPs and guaranteeing the OpenBSD firewall is protecting the
> boxes plugged into the switch on NIC2?

No, you can also use plain routing or create a bridge, as Nick pointed
out. Routing is likely to be easiest.

> And also, am I right in thinking rdr in PF is for forwarding individual
> ports and binat is best used for directing all traffic to an external IP to
> an internal address? Can this internal address be a public IP or RFC1918?

Those are the most common uses for rdr and binat, yes. But do note that
if you have sufficient external IP addresses, you do not need any form
of NAT.

Joachim
--
TFMotD: vic (4) - VMware VMXnet Virtual Interface Controller device
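
The options discussed in this thread, written out as an added pf.conf example (not part of the original messages) in the pre-4.7 PF syntax that OpenBSD 4.1 uses. Interface names, the 192.0.2.x documentation addresses and the internal host addresses are all assumptions made for illustration.

```conf
# /etc/pf.conf -- constructed example, pre-4.7 PF syntax (OpenBSD 4.1)
# Assumed names: fxp0 = NIC1 (Internet), fxp1 = NIC2 (switch, 10/8).
# 192.0.2.x stands in for the public IPs; the extra ones are added to
# NIC1 as aliases in /etc/hostname.fxp0, for example:
#   inet alias 192.0.2.11 255.255.255.255

ext_if   = "fxp0"
int_if   = "fxp1"
int_net  = "10.0.0.0/8"
web_ext  = "192.0.2.11"     # public IP dedicated to one internal host
web_int  = "10.0.0.11"
mail_ext = "192.0.2.12"     # public IP where only one port is forwarded
mail_int = "10.0.0.12"

set skip on lo
scrub in

# Translation rules are evaluated before filter rules.
# binat: one-to-one mapping. All traffic for web_ext is directed to
# web_int, and web_int's outbound traffic leaves as web_ext.
binat on $ext_if from $web_int to any -> $web_ext
# rdr: a single port on mail_ext is forwarded to an internal host.
rdr on $ext_if proto tcp from any to $mail_ext port 25 -> $mail_int port 25
# Other internal hosts share the primary address; ":0" leaves out the
# aliases so outbound NAT does not rotate across the dedicated IPs.
nat on $ext_if from $int_net to any -> ($ext_if:0)

# Filtering sees the translated (internal) destination addresses.
# binat hands every port of web_int to this ruleset, so the default
# block is what limits exposure to the ports passed below.
block log all
pass in  on $ext_if proto tcp from any to $web_int  port { 80, 443 }
pass in  on $ext_if proto tcp from any to $mail_int port 25
pass in  on $int_if from $int_net to any
pass out on $ext_if
pass out on $int_if

# Routed alternative (no NAT): when a public subnet is routed to this
# box and the hosts behind NIC2 carry public addresses themselves, the
# binat/rdr/nat lines go away and only filter rules naming those public
# addresses remain.
```

The ruleset can be syntax-checked without loading it using `pfctl -nf /etc/pf.conf`.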