Women in Technology

Hear us Roar



Article:
  NAT with pf
Subject:   I don't understand
Date:   2003-08-14 03:36:33
From:   postleb
Hi,
great articel.
But when it comes to the interesting part on page 4, redirections you are loosing me.
Just right away in the first example:
rdr on $ext_if proto tcp from any to $ext_ad port 80 ->
$dmz_ad port 8080


Why are we going on $ext_ad and what does this macro stand for?


I don't understand macro definitions:
xt_ad = "f.f.f.f/32"
prv_ad = "f.f.f.f/24"
dmz_ad = "w.w.w.w/32"


What do they stand for in "real" IP adresses?
Which article did I miss to catch up?
I thought start reading the first articel can't be wrong :-)
Pls be patient with me as I'm not a native english speaker. Learning new stuff in a foreign language is double though.


Greetings
Frank

Full Threads Newest First

Showing messages 1 through 1 of 1.

  • Jacek Artymiak photo I don't understand
    2003-12-15 12:19:22  Jacek Artymiak | [View]

    ext_ad is the external address of your firewall's external interface, i.e. the address that other host on the Internet can see and connect to;

    prv_ad is the address of your firewall's interface to which you connect private hosts; that address may or may not be accessible from the outside;

    dmz_ad is the address of your firewalls's interface to which you conect hosts in the DeMilitarized Zone (a separate segment of your private network that is accessible to the outside world.

    --Jacek