| Building The Network You Need With PF, The OpenBSD Packet Filter: BSDCan 2016, Ottawa, Canada, June 8th 2016 | ||
|---|---|---|
| Prev | Next | |
'sticky' action, does not affect pass/block, typical use
ext_if = "xl0" # change to match *your* external interface
hiddenhost = 192.0.2.67
# ... see the sample file
match out on $ext_if from <clients> nat-to ($ext_if)
match in on egress proto tcp to port smtp rdr-to $hiddenhost
pass from <clients> # and so forth [...]Load the sample file
$ sudo pfctl -vnf samples/example007