Help with IPNAT setup on OpenBSD 3.4
 

I'm trying to set up a firewall with OpenBSD 3.4 and can't even get the NAT part to work. I've taken the following steps:

Removing the comment line of the following line of /etc/sysctl.conf -

net.inet.ip.forwarding=1# 1=Permit forwarding (routing) of packets

Added the following lines to /etc/rc.conf -

ipfilter=YES
ipnat=YES
# for "YES" ipfilter must also be "YES"
ipfilter_rules=/etc/ipf.rules
# Rules for IP packet filtering
ipnat_rules=/etc/ipnat.rules
# Rules for Network Address Translation

I've taken many looks at the files to make sure they're all named right and in the right place. My network configuration is as such -

rl0: IP - 209.166.74.17 SubMask - 255.255.255.0
dc0: IP - 192.168.1.1 SubMask - 255.255.255.0

Now, I have the following line in my /etc/ipnat.rules file -

map dc0 192.168.1.0/32 -> rl0/32 portmap tcp/udp 10000:20000

I think that's where I'm having the problem. Can someone help me with the syntax of that line? I've tried everything! Thanks!

You must be reading really old documentation. Everything has been rolled into "pf" now. There is only one configuration file (it looks like you're reading a how-to that is very old and describes the setup before NAT and packet filtering were combine).

use this link instead

If you want to just NAT all inside IPs to your outside IP, then you want something like

nat on rl0 from 192.168.1.0/24 to any -> (rl0)

I should point out that you only use the (interface) notation if that interface's IP is dynamic. If you have a static external IP, then just use rl0 without the parenthesis.

Thanks!
 

I guess it was old, because the PF works great! Thanks for the help!