So, I've been trying to use dup-to to duplicate udp traffic, but it's not going to plan, and neither Google nor Hansteen's book appear to have any good examples. Of course, there might be a reason for this: dup-to might not be what I'm looking for, and I'm probably doing it wrong.
Initially I thought I could just do pass in on ingress inet proto udp to any dup-to $udprcvhost pass out on egress inet proto udp to any dup-to $udprcvhost But this doesn't work, an/or I am missing a crucial bit of pf configuration. ($udprcvhost is connected to the ingress interface.) Or, should I dup-to to a, say, GRE interface connected to $udprcvhost? I'm trying to do this on a 5.6 system (not in bridge mode - should I?). Clues appreciated, Tor
