"John D. Baker" <[email protected]> wrote: > > > - dynamic ifaddrs(netifN) (John D. Baker) > > The "ifaddrs(netifN)" function is what evaluates the addresses on the > interface with each reference in a rule, or so the documentation makes > it appear. Contrast with "inet4(netifN)" or "inet6(netifN)" that is > only evaluated when the configuration file is loaded. "ifaddrs(netifN)" > appears to be the equivalent of pf's "(netifN)", but always returns the > full list of all addresses on an interface, so cannot be used in a NAT > (map foo -> bar) statement. Hence the desire to select a subset or at > least only the first address in the list, e.g., pf's "(netifN:0)" dynamic > address evaluation with return of only first address.
You *can* use ifaddrs(netifN) for a NAT rule in NetBSD -current, but you need to specify the address selection algorithm. Currently, "ip‐hash" or "round‐robin". You cannot select just the first address, though. That is something I can look into. -- Mindaugas
