etc/

diff --git a/etc/pf.anchors/vpn.conf b/etc/pf.anchors/vpn.conf
new file mode 100644 (file)
index 0000000..84888e4
--- /dev/null
+++ b/etc/pf.anchors/vpn.conf
@@ -0,0 +1,33 @@
+##############################################################################
+#
+# NB 31.10.16: OpenVPN 
+# grep -q 'include "/etc/pf.anchors/vpn.conf"' /etc/pf.conf || echo 'include "/etc/pf.anchors/vpn.conf"' >> /etc/pf.conf
+#
+##############################################################################
+
+nat on en0 from bridge100:network to any -> (en0)
+nat on utun0 from bridge100:network to any -> (utun0)
+nat on tap0 from bridge100:network to any -> (tap0)
+
+#lan="{192.168.2.0/24}"
+#ext_if=en0
+#vpn_if="utun0"
+#nat on $ext_if from $lan to any -> ($ext_if)
+#nat on $vpn_if from $lan to any -> ($vpn_if)
+
+#nat on utun0 from en0:network to any -> (utun0)
+#nat on utun0 from en1:network to any -> (utun0)
+
+#nat pass on utun0 from 169.254.0.0/16 to 10.8.0.0/24 -> 10.8.0.25
+#nat pass on tun0 from 169.254.0.0/16 to 10.8.0.0/24 -> 10.8.0.25
+#nat pass on tun0 from 192.168.2.0/24 to 10.8.0.0/24 -> 10.8.0.25
+#nat pass on tun0 from 169.254.0.0/16 to 192.168.3.0/24 -> 10.8.0.25
+#nat pass on tun0 from 192.168.2.0/24 to 192.168.3.0/24 -> 10.8.0.25
+
+#nat on bridge100 proto {tcp, udp, icmp} from 10.0.69.0/24 to any -> {en0, en1}
+#pass from {lo0, 10.0.69.0/24} to any keep state
+
+#wifi=bridge100
+#pass on $wifi proto icmp all
+#pass on $wifi proto udp from $wifi to any port 53
+