[prev in list] [next in list] [prev in thread] [next in thread] 

List:       openbsd-pf
Subject:    Re: PF - problem with NAT & policy based rules
From:       jared r r spiegel <jrrs () ice-nine ! org>
Date:       2005-09-24 10:08:23
Message-ID: 20050924100823.GA31409 () ice-nine ! org
[Download RAW message or body]

On Fri, Sep 23, 2005 at 03:00:12PM -0400, Chad M Stewart wrote:
> 
> nat on $ext_if tagged LAN_INET tag LAN_INET_NAT -> ($ext_if)
> 
> The problem is that pfctl complains about a syntax problem with that  
> line.

[/home/jrrs] $ echo "nat on em0 tagged 1 tag 2 -> (em0)" | pfctl -nvf-
stdin:1: syntax error
[/home/jrrs] $ echo "nat on em0 tag 2 tagged 1 -> (em0)" | pfctl -nvf-
nat on em0 all tag 2 tagged 1 -> (em0) round-robin

  seems consistent with: 

--[pf.conf(5)]--
     nat-rule       = [ "no" ] "nat" [ "pass" [ "log" [ "(" logopts ")" ] ] ]
                      [ "on" ifspec ] [ af ]
                      [ protospec ] hosts [ "tag" string ] [ "tagged" string ]
                      [ "->" ( redirhost | "{" redirhost-list "}" )
                      [ portspec ] [ pooltype ] [ "static-port" ] ]
---------------

  jared

-- 

[ openbsd 3.8 GENERIC ( sep 10 ) // i386 ]
[prev in list] [next in list] [prev in thread] [next in thread]