Document NAT and DNS forwarding rules for vmd(8)

author mlarkin <mlarkin@openbsd.org>

Wed, 29 Nov 2017 00:15:34 +0000 (00:15 +0000)

committer mlarkin <mlarkin@openbsd.org>

Wed, 29 Nov 2017 00:15:34 +0000 (00:15 +0000)
author mlarkin <mlarkin@openbsd.org>
Wed, 29 Nov 2017 00:15:34 +0000 (00:15 +0000)
committer mlarkin <mlarkin@openbsd.org>
Wed, 29 Nov 2017 00:15:34 +0000 (00:15 +0000)
diff --git a/etc/examples/pf.conf b/etc/examples/pf.conf

index 2dd043a..39edf79 100644 (file)
--- a/etc/examples/pf.conf
+++ b/etc/examples/pf.conf
@@ -1,4 +1,4 @@
-#      $OpenBSD: pf.conf,v 1.2 2015/05/18 16:04:21 reyk Exp $
+#      $OpenBSD: pf.conf,v 1.3 2017/11/29 00:15:34 mlarkin Exp $
  #
  # See pf.conf(5) for syntax and examples.
  # Remember to set net.inet.ip.forwarding=1 and/or net.inet6.ip6.forwarding=1
@@ -31,5 +31,10 @@ pass         # establish keep-state
  
  #block in quick from urpf-failed to any        # use with care
  
+# rules for vmd(8) - NAT and DNS forwarding for VMs (100.64.0.0/10 default)
+#pass out on egress from 100.64.0.0/10 to any nat-to (egress)
+#pass in proto udp from 100.64.0.0/10 to any port domain \
+#    rdr-to $dns_server port domain
+
  # By default, do not permit remote connections to X11
  block return in on ! lo0 proto tcp to port 6000:6010
author	mlarkin <mlarkin@openbsd.org>
	Wed, 29 Nov 2017 00:15:34 +0000 (00:15 +0000)
committer	mlarkin <mlarkin@openbsd.org>
	Wed, 29 Nov 2017 00:15:34 +0000 (00:15 +0000)