In order to share a VPN connection, which is configured for specified websites only (while the other traffic goes as is), I created the following pf rule:
nat pass on vtap0 from bridge1:network to any -> (vtap0)
It works, but naturally all traffic now goes through VPN. I modified the rule to:
nat pass on vtap0 from bridge1:network to [allowed website IP XX.XX.XX.XX] -> (vtap0)
but no change - all traffic still seems to go through VPN. Here I am stuck. So, how do I create a NAT rule that is applicable to specified destination IPs only?
Thanks a lot.
The correct rules are:
nat on vtap0 from bridge1:network to XX.XX.XX.XX -> (vtap0)
nat on en0 from bridge1:network to any -> (en0)
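An added example, not part of the original answer: the same two rules extended to several VPN-only destinations by using a pf table. The macro names, the table name `vpn_sites` and the addresses (documentation ranges) are constructed placeholders; the interface names are the ones from the question.

```conf
# pf.conf fragment (added example; names and addresses are placeholders)

# Interfaces as named in the question
vpn_if = "vtap0"     # VPN tunnel interface
wan_if = "en0"       # normal uplink
lan_if = "bridge1"   # shared/bridged clients

# Destinations that should use the VPN. Constructed sample values
# from the documentation ranges; replace with the real site addresses.
table <vpn_sites> const { 192.0.2.10, 198.51.100.0/24 }

# A nat rule is evaluated on the interface a packet leaves through.
# The routing table chooses that interface; the nat rule does not.
# So the VPN routes must already send <vpn_sites> out of $vpn_if.

# Client traffic leaving through the tunnel towards the listed sites
nat on $vpn_if from $lan_if:network to <vpn_sites> -> ($vpn_if)

# All other client traffic leaves through the uplink and is
# translated there, so it never carries the VPN address
nat on $wan_if from $lan_if:network to any -> ($wan_if)

# Check before loading:  pfctl -nf /etc/pf.conf
# Show loaded nat rules: pfctl -s nat
# Show table contents:   pfctl -t vpn_sites -T show
```

If a client still reaches a non-listed site through the tunnel, the cause is a route pointing at vtap0, not these rules, so compare the routing table against the table contents.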