Kevin Ingwersen
2014-03-04 20:25:51 UTC
Hey everyone!
I am sitting here with the following situation:
I just had to reinstall my OS X a while ago. Currently, this Mac Mini was used as a NAT router. It uses its Wifi to connect to the dorm's internet, and is supposed to dish the data thru its Ethernet port:
Dorms Wifi —> Mac Mini —> Airport Express in bridge mode —> iPhone, Macbook, etc
The reason why I need this is that the dorm enforces a rule that allows only one MAC address to be registered with their router. So in order to grant access to more devices, I need to use a NAT router. But here comes the tricky part. At some time, I wish to use a broadband dongle to offer the internet. Previously, I used the following dirty configuration file to manage that kind of „switching“ connection:
nat on en1 from en0:network to any -> (en1)
nat on en2 from en0:network to any -> (en2)
nat on ppp0 from en0:network to any -> (ppp0)
pass in from any to any
pass out from any to any
You can tell, I never used pfctl before, and only needed a dirty but working way of being able to switch my currently nat’ed internet… x)
But here is the problem.
With the new OS X update, the configuration files for pfctl changed. Which means I am at a loss again.
So the pf.conf file now looks like this:
scrub-anchor "com.apple/*"
nat-anchor "com.apple/*"
rdr-anchor "com.apple/*"
dummynet-anchor "com.apple/*"
anchor "com.apple/*"
load anchor "com.apple" from "/etc/pf.anchors/com.apple"
When I try to append a similar block, but pointing to /etc/pf.anchors/SUBnet instead, I get syntax errors about the order of rules…so I am confused for good.
How do I add the „dirty“ hack from above into my pf.conf in order to keep NATing my internet?
Oh yeah, and Internet Sharing on OS X is broken. The DHCP service used does not dish out a proper lease, meaning that non-Apple clients are doomed.
Hope you can help me :)
Kind regards,
Ingwie
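
Added example (not part of the original message): a small Python check for the rule-order errors described above, comparing a block appended at the end of the stock pf.conf with the same statements placed beside their own class. The statement order is taken from pf.conf(5); the position of dummynet, the keyword subset, and the constructed sample files are assumptions.

```python
# Statement classes in the order pf.conf(5) lists them; dummynet is placed
# between translation and filtering to match the stock file in the post.
ORDER = ["option", "normalization", "queueing", "translation", "dummynet", "filtering"]

# First keyword of a statement -> class. Subset of pf keywords only
# (assumption: enough for anchor-based files like this one).
KEYWORDS = {
    "set": "option",
    "scrub": "normalization", "scrub-anchor": "normalization",
    "altq": "queueing", "queue": "queueing",
    "nat": "translation", "rdr": "translation", "binat": "translation",
    "nat-anchor": "translation", "rdr-anchor": "translation",
    "dummynet": "dummynet", "dummynet-anchor": "dummynet",
    "pass": "filtering", "block": "filtering", "anchor": "filtering",
}


def check_order(text):
    """Return (line_no, statement, problem) for each out-of-order statement."""
    problems, highest = [], 0  # highest = index in ORDER of the latest class seen
    for no, raw in enumerate(text.splitlines(), 1):
        line = raw.split("#", 1)[0].strip()
        kind = KEYWORDS.get(line.split()[0]) if line else None
        if kind is None:  # blanks, macros, tables, "load anchor": not checked here
            continue
        idx = ORDER.index(kind)
        if idx < highest:
            problems.append((no, line, f"{kind} after {ORDER[highest]}"))
        else:
            highest = idx
    return problems


# The stock file quoted in the post.
STOCK = '''scrub-anchor "com.apple/*"
nat-anchor "com.apple/*"
rdr-anchor "com.apple/*"
dummynet-anchor "com.apple/*"
anchor "com.apple/*"
load anchor "com.apple" from "/etc/pf.anchors/com.apple"
'''
# Constructed: a second anchor block appended at the end of the file.
APPENDED = STOCK + 'nat-anchor "SUBnet"\nanchor "SUBnet"\n'
# Constructed: the same two statements, each placed next to its own class.
INTERLEAVED = STOCK.replace('rdr-anchor', 'nat-anchor "SUBnet"\nrdr-anchor') \
                   .replace('load anchor', 'anchor "SUBnet"\nload anchor', 1)

if __name__ == "__main__":
    for name, conf in (("appended", APPENDED), ("interleaved", INTERLEAVED)):
        print(name, check_order(conf) or "order ok")
```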