# Tables: (2) table { ppp0 , 33.33.33.33 , 33.33.33.34 , 192.168.1.1 } table { 33.33.33.33 , 33.33.33.34 } # # Rule 0 (NAT) nat on eth1 from 192.168.1.0/24 to any -> (eth1) nat on eth0 from 192.168.1.0/24 to any -> (eth0) nat on ppp0 from 192.168.1.0/24 to any -> (ppp0) # # Rule 1 (NAT) nat on eth1 from 192.168.1.0/24 to any -> (eth1) # # Rule 2 (NAT) nat on eth1 from 192.168.1.0/24 to any -> 33.33.33.33 # # Rule 3 (NAT) rdr proto tcp from any to port 22 -> 192.168.1.100 port 22 # # Rule 4 (NAT) rdr on eth1 proto tcp from any to 33.33.33.34 port 22 -> 192.168.1.100 port 22 # # Rule 5 (NAT) rdr on eth1 proto tcp from any to 33.33.33.34 port 22 -> 192.168.1.100 port 22 # # Rule 6 (NAT) rdr on eth1 proto tcp from any to 33.33.33.34 port 22 -> 192.168.1.100 port 22 # # Rule 7 (NAT) rdr on eth1 proto tcp from any to 33.33.33.34 port 22 -> 192.168.1.100 port 22 # # Rule 8 (NAT) rdr proto tcp from 192.168.1.0/24 to any port 80 -> (eth1) port 80 # # Rule 0 (global) pass inet from any to any # # Rule 1 (global) pass log inet from any to any # # Rule 2 (global) pass quick inet proto tcp from any to 33.33.33.33 port 22 flags S/SA keep state # # Rule 3 (global) pass quick inet proto tcp from any to 33.33.33.34 port 22 flags S/SA keep state # # Rule 4 (global) pass quick inet proto tcp from any to port 22 flags S/SA keep state # # Rule 5 (global) block log quick inet from any to any # # Rule fallback rule # fallback rule block quick inet from any to any