-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512
It is possible to use non-existing interface name in via / xmit / recv option. It allows to write firewall which works with, say, VPN connection which is created AFTER firewall is loaded on boot. But "nat X config if <iface>" doesn't allow to use non-existing interface name! It looks like very strict limitation, as it doesn't allow to include VPN to nat config! Is here any solution for this problem? - -- // Lev Serebryakov -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.22 (MingW32) iQJ8BAEBCgBmBQJUz733XxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXRGOTZEMUNBMEI1RjQzMThCNjc0QjMzMEFF QUIwM0M1OEJGREM0NzhGAAoJEOqwPFi/3EePiT0P/A0QqEQD3vNBJYPvOEZwW2Vc 4xVlmMbqN0n/Wz+0bN/v8cIa5gMAYSwRGSyvE9D8FsbN7eXBe2J1DUjEq7E7er7E +jsr+bQTMpblvVBxCig+bNyjnDbFSqFzlU6ZyeBvYXbuhGmeaSnwAbfrl2eTGJ5X RlYjWRMmsUcJf+xp8xLifWoNC99/a4dyjTcmNiUd7ByrYVnnuriVCuM/NFRJPApS f2RUfoBhblDF9bC0NvnheIJpJ6sK12ZCTH4oRfRW4VEaKBpjpygH3WqmGqTUas9C rOEpE7HUA7LjwFqhi2TGbreZZX4EFVztWOUi9ufKoHX93264rtIv8EMu/LtKjuyy LrbBDl5zH6A881eTrQdZXjsG87VSwZA3ctlPjg/trw8UX0qtG3MsbfgIgp47srVK gMKmVMt0kpzHs3n7rmk8On5ELwUkbjMOPFsg1JXfhNUGelJJ+pMXBm0kaIpiHdzT 6tkSgfrvOJEziFmDF5hCcfHPzMGXJqiMCFqvrX7IsEmx9VLsLKVs2NoX7D+yu4T/ /+SAffJ4OMC22SyDHpaSfZLZTN1eHquepnpvGWYo7aUJm0kQ15Wp8qTMqQ4MFPMz GFoOuJdPDqhd96aTKYI+UYYRC51lqyCiJxmETqMWOgeT3muVsya2PRrVYALEy38H enNnWTWHiw2+3HMWMhtl =V2ZH -----END PGP SIGNATURE----- _______________________________________________ freebsd-ipfw@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-ipfw To unsubscribe, send any mail to "freebsd-ipfw-unsubscr...@freebsd.org"