Giovanni P. Tirloni writes: > I don't know how PF keeps tracks of ICMP packets but there must be a > way for it to distinguish between a packet destined to 192.168.0.1 or 0.2.
An ICMP ECHO REQUEST message has a 16-bit id field which can be altered by NAT to identify the originating machine. There isn't really an equivalent when using a minimal GRE header. If GRE checksums are turned on then the 16-bit Reserved1 field could be abused for NAT purposes. _______________________________________________ freebsd-net@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-net To unsubscribe, send any mail to "[EMAIL PROTECTED]"
