Starting to transition the home server to the new dynamic netgraph devices.

2023-04-27 14:56:32 -04:00
parent 5da4f8fb99
commit 24bfa840ff
4 changed files with 58 additions and 79 deletions
--- a/ansible/roles/firewall/files/odofreebsd_pf.conf
+++ b/ansible/roles/firewall/files/odofreebsd_pf.conf
@@ -1,7 +1,7 @@
 ext_if = "{ wlan0 }"
 not_ext_if = "{ !wlan0 }"
-jail_nat_v4 = "{ 10.193.223.0/24 10.213.177.0/24 10.215.1.0/24 }"
-not_jail_nat_v4 = "{ any, !10.193.223.0/24 !10.213.177.0/24 !10.215.1.0/24 }"
+jail_nat_v4 = "{ 10.215.1.0/24 }"
+not_jail_nat_v4 = "{ any, !10.215.1.0/24 }"
 dns_redirect = "{ 10.193.223.1 10.213.177.1 10.215.1.1 }"

 dhcp = "{ bootpc, bootps }"
@@ -29,7 +29,7 @@ pass out on $ext_if

 pass in on jail_nat
 # Allow traffic from my machine to the jails/virtual machines
-pass out on jail_nat from jail_nat
+pass out on jail_nat from $jail_nat_v4

 # We pass on the interfaces listed in allow rather than skipping on
 # them because changes to pass rules will update when running a