DragonFly users List (threaded) for 2012-03
On 24.03.12 11:55, Francois Tigeot wrote:
> On Sat, Mar 24, 2012 at 10:03:19AM +0400, Andrey N. Oktyabrski wrote:
>> On 24.03.12 09:06, Andrey N. Oktyabrski wrote:
>>> PF NAT do not work with tun0
>> This is not correct: it works but only day or two.
> This is normal if your ppp connection does not come with a static IP address.
Yes, I do it this way.
> You should use a rule only specifying the interface name (tun0) in that case;
> this one should do the trick:
> nat on $ext_if inet from !($ext_if) -> ($ext_if:0)
This is my rules for now:
$ egrep -v '^#|^$' /etc/pf.conf
nat on $ext_if from $int_net -> ($ext_if:0)
nat on $eth_if from $int_net -> ($eth_if:0)
pass in quick keep state
pass out quick keep state
I will wait some days...
> The 'inet' keyword prevents pf from nating IPv6 traffic.
Is it critical when tun0 configured without ipv6? I have added it.
P.S. Without NAT ppp eats less CPU, but not too much less. There is PIII
processor - may be it is a normal load for it...