This is a basic script with some commands to enable NAT with pf.
kldload pf #to load pf module (do this first if pf is not compiled into the kernel)
pfctl -e #to enable pf
pfctl -nf /etc/pf.conf #to parse rules from /etc/pf.conf file without loading them (syntax check)
pfctl -f /etc/pf.conf #to load rules from /etc/pf.conf file
To flush nat:
pfctl -F nat
A.B.C.D is the public IP assigned to the em0 interface.
==================
#cat /etc/pf.conf #this is pf configuration file
nat on em0 from 172.16.16.0/24 to any -> A.B.C.D
###binat on em0 from 172.16.16.2/32 to any -> A.B.C.D
rdr on { em0 re1 } proto udp from any to A.B.C.D port 10011 -> 172.16.16.2 port 10011
rdr on { em0 re1 } proto tcp from any to A.B.C.D port 2222 -> 172.16.16.2 port 22
=================
# pfctl -sn #to view active nat and rdr rules
nat on em0 inet from 172.16.16.0/24 to any -> 89.137.197.15
rdr on em0 inet proto udp from any to A.B.C.D port = 10011 -> 172.16.16.2 port 10011
rdr on re1 inet proto udp from any to A.B.C.D port = 10011 -> 172.16.16.2 port 10011
=================
# pfctl -v -s nat #to check whether nat is working (shows per-rule counters)
No ALTQ support in kernel
ALTQ related functions disabled
nat on em0 inet from 172.16.16.0/24 to any -> A.B.C.D
[ Evaluations: 171531 Packets: 158 Bytes: 11732 States: 1 ]
[ Inserted: uid 0 pid 15527 State Creations: 1 ]
rdr on em0 inet proto udp from any to A.B.C.D port = 10011 -> 172.16.16.2 port 10011
[ Evaluations: 266473 Packets: 46286 Bytes: 64392976 States: 2 ]
[ Inserted: uid 0 pid 15527 State Creations: 2 ]
==================
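An added example (not part of the original post): a small sh function that reads the output of pfctl -v -s nat and prints one line per translation rule with its counters, marking rules that have matched no packets as IDLE. The name nat_rule_stats and the SAMPLE text are constructed for illustration; the first two sample rules reuse the counters shown above, the third rule's zero counters are made up.

```sh
#!/bin/sh
# Constructed sample of `pfctl -v -s nat` output (third rule's counters are invented).
SAMPLE='No ALTQ support in kernel
ALTQ related functions disabled
nat on em0 inet from 172.16.16.0/24 to any -> A.B.C.D
  [ Evaluations: 171531 Packets: 158 Bytes: 11732 States: 1 ]
  [ Inserted: uid 0 pid 15527 State Creations: 1 ]
rdr on em0 inet proto udp from any to A.B.C.D port = 10011 -> 172.16.16.2 port 10011
  [ Evaluations: 266473 Packets: 46286 Bytes: 64392976 States: 2 ]
  [ Inserted: uid 0 pid 15527 State Creations: 2 ]
rdr on em0 inet proto tcp from any to A.B.C.D port = 2222 -> 172.16.16.2 port 22
  [ Evaluations: 266473 Packets: 0 Bytes: 0 States: 0 ]
  [ Inserted: uid 0 pid 15527 State Creations: 0 ]'

# Read pfctl output on stdin; print STATUS<TAB>counters<TAB>rule for each rule.
nat_rule_stats() {
    awk '
        # A rule line starts with the translation keyword.
        /^(nat|rdr|binat) / { rule = $0; next }
        # The first counter line after a rule carries Packets/Bytes/States.
        /^[ \t]*\[ Evaluations:/ && rule != "" {
            pkts = 0; bytes = 0; states = 0
            for (i = 1; i < NF; i++) {
                if ($i == "Packets:") pkts = $(i + 1)
                if ($i == "Bytes:")   bytes = $(i + 1)
                if ($i == "States:")  states = $(i + 1)
            }
            # A rule that never matched a packet is reported as IDLE.
            status = (pkts + 0 > 0) ? "ACTIVE" : "IDLE"
            printf "%s\tpackets=%s bytes=%s states=%s\t%s\n", status, pkts, bytes, states, rule
            rule = ""
        }
    '
}

# Use the live rule set when pfctl is available, otherwise the sample above.
if command -v pfctl >/dev/null 2>&1; then
    pfctl -v -s nat 2>/dev/null | nat_rule_stats
else
    printf '%s\n' "$SAMPLE" | nat_rule_stats
fi
```

An IDLE line right after loading the rules is normal; an rdr rule that stays IDLE while clients are connecting usually means the traffic arrives on another interface or address than the rule names.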
#pfctl -F nat # to flush rules from nat table
Here you can find technical details about software/hardware configuration.
Thursday, 11 April 2019