Mirrors/hackacad
2
0
Fork 0
mirror of https://github.com/hackacad/bastille.git synced 2025-12-19 16:51:00 +01:00
Code Issues Packages Projects Releases Wiki Activity

Explain permissive NAT

Browse Source
This commit is contained in:
Pat Maddox
2022-07-31 00:03:57 -07:00
parent cf6e555ce9
commit 427128b9f0
1 changed files with 2 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
docs/chapters/gcp.rst
View File

@@ -57,7 +57,8 @@ This basic /etc/pf.conf allow incoming packets on the bridge interface, and NATs
set skip on lo set skip on lo
scrub in scrub in
# permissive NAT allows jail bridge and wireguard tunnels
nat on $ext_if inet from !($ext_if) -> ($ext_if:0) nat on $ext_if inet from !($ext_if) -> ($ext_if:0)
block in block in