pf & nat

Feb 16, 2011 19:51

FreeBSD 8-STABLE is still on pf 4.1, but the documentation at OpenBSD is based on 4.7, which rewrote half the routing stack, so reading pf.conf(5) is still your friend.

Here is me using my laptop NATed to the desktop, which uses wifi to connect upstream. That way, I reduce wifi net contention by shutting down the close-proximity wifi card on the laptop *and* I get 100mb between the laptop and the desktop.

/etc/rc.conf:
gateway_enable="YES"
pf_enable="YES"
pf_rules="/etc/pf.rules"

/etc/pf.rules:
#options
set limit states 100000

#variables
ext_if = "wlan0"
int_if = "bge0"

#packet normalization, see docs for details
scrub in on $ext_if all no-df
scrub out on $ext_if all random-id

#nat on the external iface: any packet not originating from
#that iface, to any dest not on the local lan, gets
#xlated to the external iface's address
nat on $ext_if inet from ! ($ext_if) to ! ($int_if:network) -> ($ext_if)

#no-filter, I don't need no steenkin fw
pass in all
pass out all

Then /etc/rc.d/routing restart and /etc/rc.d/pf start and voila.
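
If the desktop should not take unsolicited connections from the wifi side, the two pass rules can be swapped for a small stateful filter section. This is an added example, not part of the original post; it reuses the post's $ext_if and $int_if macros and assumes the laptop is the only thing on the bge0 side.

```pf
# Added example: filter section to use in place of
# "pass in all / pass out all" in /etc/pf.rules.
# Keep the options, macros, scrub and nat lines as they are;
# pf wants filter rules after the translation rules.

# default deny; in pf the last matching rule wins,
# so everything below carves exceptions out of this
block all

# local services talking to themselves
pass quick on lo0 all

# wired side: the laptop may reach the desktop and, via nat, the internet
pass in on $int_if from $int_if:network to any keep state

# wired side: the desktop may reach the laptop
pass out on $int_if from any to $int_if:network keep state

# wifi side: outbound only. This covers the desktop's own traffic and
# the laptop's traffic after the nat rule has rewritten its source.
# Replies come back in through the state entries, so no "pass in"
# on $ext_if is needed.
pass out on $ext_if all keep state
```

Run pfctl -nf /etc/pf.rules to parse the file without loading it, then pfctl -ss after reloading to see the state entries for the laptop's translated connections.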