mirror of
https://github.com/fwbuilder/fwbuilder
synced 2026-03-19 17:57:22 +01:00
15bab71f49
single object negation in "Inbound Interface" and "Outbound Interface" columns in compiler for iptables. * NATCompiler_pf.cpp (compile): see #2456 Added support for single object negation in "Interface" rule element of PF NAT rules. Now compiler can produce PF commands such as "nat on ! em0 ... " (for PF <4.7) or "match on ! em0 ..." (for PF >= 4.7) * Compiler.cpp (singleObjectNegation::processNext): moved rule processor that processes single object negation in any rule element to the base class Compiler.
6 lines
176 B
Plaintext
6 lines
176 B
Plaintext
#
|
|
# Rule NAT_1 0 (NAT)
|
|
nat on en1 proto {tcp udp icmp} from 192.168.1.0/24 to any -> 192.168.1.1
|
|
nat on en0 proto {tcp udp icmp} from 192.168.1.0/24 to any -> 192.0.2.1
|
|
|