[geeks] Dumb Question Friday
Jonathan Patschke
jp at celestrion.net
Tue Nov 5 00:14:32 CST 2013
On Fri, 1 Nov 2013, Brian Dunbar wrote:
> Nevermind: the obvious answer: SNAT.
I think iptables was the final straw that drove me away from Linux (after
using it almost exclusively for 6 years), waving my arms and screaming.
I've been using OpenBSD and pf ever since, and never looked back.

    match out on $ext_if from 10.10.10.0/24 to !10.10.10.0/24 nat-to $ext_ip

Or, if you're using the older version of pf (as on FreeBSD), it's even
simpler:

    nat on $ext_if from 10.10.10.0/24 to any -> $ext_ip

There's no good reason for iptables to still be so awful and obtuse after
all these years.
--
Jonathan Patschke | "No matter how much the government controls...any
Elgin, TX % problem will be blamed on whatever small zone of
USA | freedom that remains." --Sheldon Richman