[prev in list] [next in list] [prev in thread] [next in thread] 

List:       freebsd-pf
Subject:    Re: Dynamic Addresses and PF
From:       Max Laier <max () love2party ! net>
Date:       2005-01-24 21:03:01
Message-ID: 200501242203.10228.max () love2party ! net
[Download RAW message or body]


On Monday 24 January 2005 21:41, Paul J. Pathiakis wrote:
> Hi,
>
> 	if I'm using a DSL dynamic address, on an external i/f, should I be using
> the parentheses everywhere?
>
> ext_if2 = "tun0"
> ext_gw2 = "70.1.2.3"
>
> 	That is, on a NAT rule such as:
>
> nat on $ext_if2 from $lan_net2 to any -> ($ext_if2)
>
> should I write it as:
>
> nat on ($ext_if2) from  $lan_net2 to any -> ($ext_if2)
>
> ?

No.  The dynamic address modifier does not apply to the "on ifspec" part.  The 
first rule is correct, the second one won't parse.

> Also, since ext_if2 is declared as "tun0" for a DSLconnection, is there a
> way to replace ext_gw2 in all my rules be something like ($ext_if2)?
>
> That is, could I do this:
>
> ext_gw2 = ($ext_if2)
>
> at the beginning of declarations to allow the ext_gw2 variable to be set to
> the dynamic IP address of the ext_if2?
>
> Is this possible?

Yes it is.  You'd do:

ext_if=tun0
ext_gw="(" $ext_if ")"

be careful with the whitespaces on that.

-- 
/"\  Best regards,                      | mlaier@freebsd.org
\ /  Max Laier                          | ICQ #67774661
 X   http://pf4freebsd.love2party.net/  | mlaier@EFnet
/ \  ASCII Ribbon Campaign              | Against HTML Mail and News

[Attachment #3 (application/pgp-signature)]

[prev in list] [next in list] [prev in thread] [next in thread]