patch for iked.conf and hostapd.conf
Hello,
I tried to parse (with pfctl -nvf) the rule
match on enc0 from 192.168.1.0/24 to 192.168.2.0/24 nat-to 10.10.10.1
and all I got was:
pf.tmp:1: nat-to and rdr-to require a direction
pf.tmp:1: skipping rule due to errors
pf.tmp:1: rule expands to no valid combination
So I guess what's missing is out:
Index: src/sbin/iked/iked.conf.5
===
RCS file: /cvs/src/sbin/iked/iked.conf.5,v
retrieving revision 1.32
diff -u -p -r1.32 iked.conf.5
--- src/sbin/iked/iked.conf.5 6 May 2014 13:09:18 -
1.32 +++ src/sbin/iked/iked.conf.5 4 Aug 2014 12:40:05 -
@@ -718,7 +718,7 @@ a relevant NAT rule is required in
For the example above,
this would be:
.Bd -literal -offset indent
-match on enc0 from 192.168.1.0/24 to 192.168.2.0/24 nat-to 10.10.10.1
+match out on enc0 from 192.168.1.0/24 to 192.168.2.0/24 nat-to
10.10.10.1 .Ed
.Pp
From the peer's point of view,
--
I tried to parse (hostapd -dv -f) the example in hostapd.conf and I got:
hostapd.tmp:4: syntax error
invalid configuration in hostapd.tmp
bye!
So the patch is:
Index: hostapd.conf.5
===
RCS file: /cvs/src/usr.sbin/hostapd/hostapd.conf.5,v
retrieving revision 1.42
diff -u -p -r1.42 hostapd.conf.5
--- hostapd.conf.5 3 Sep 2013 20:44:01 - 1.42
+++ hostapd.conf.5 5 Aug 2014 10:51:56 -
@@ -798,8 +798,8 @@ For example:
.Bd -literal -offset indent
# Assign IP addresses to layer 2 addresses
table clients {
- 00:02:6f:42:d0:01 - 172.23.5.1/30
- 00:05:4e:45:d3:b8 - 172.23.5.4/30
+ 00:02:6f:42:d0:01 - 172.23.5.1/30,
+ 00:05:4e:45:d3:b8 - 172.23.5.4/30,
00:04:2e:12:03:e0 - 172.23.5.8/30
}
Cheers,
--
Vigdis
Re: patch for iked.conf and hostapd.conf
On Tue, Aug 05, 2014 at 06:19:59PM +0200, Vigdis wrote:
Hello,
I tried to parse (with pfctl -nvf) the rule
match on enc0 from 192.168.1.0/24 to 192.168.2.0/24 nat-to 10.10.10.1
and all I got was:
pf.tmp:1: nat-to and rdr-to require a direction
pf.tmp:1: skipping rule due to errors
pf.tmp:1: rule expands to no valid combination
So I guess what's missing is out:
Thanks, your diff is right.
Index: src/sbin/iked/iked.conf.5
===
RCS file: /cvs/src/sbin/iked/iked.conf.5,v
retrieving revision 1.32
diff -u -p -r1.32 iked.conf.5
--- src/sbin/iked/iked.conf.5 6 May 2014 13:09:18 -
1.32 +++ src/sbin/iked/iked.conf.54 Aug 2014 12:40:05 -
@@ -718,7 +718,7 @@ a relevant NAT rule is required in
For the example above,
this would be:
.Bd -literal -offset indent
-match on enc0 from 192.168.1.0/24 to 192.168.2.0/24 nat-to 10.10.10.1
+match out on enc0 from 192.168.1.0/24 to 192.168.2.0/24 nat-to
10.10.10.1 .Ed
.Pp
From the peer's point of view,
--
I tried to parse (hostapd -dv -f) the example in hostapd.conf and I got:
hostapd.tmp:4: syntax error
invalid configuration in hostapd.tmp
bye!
So the patch is:
Index: hostapd.conf.5
===
RCS file: /cvs/src/usr.sbin/hostapd/hostapd.conf.5,v
retrieving revision 1.42
diff -u -p -r1.42 hostapd.conf.5
--- hostapd.conf.53 Sep 2013 20:44:01 - 1.42
+++ hostapd.conf.55 Aug 2014 10:51:56 -
@@ -798,8 +798,8 @@ For example:
.Bd -literal -offset indent
# Assign IP addresses to layer 2 addresses
table clients {
- 00:02:6f:42:d0:01 - 172.23.5.1/30
- 00:05:4e:45:d3:b8 - 172.23.5.4/30
+ 00:02:6f:42:d0:01 - 172.23.5.1/30,
+ 00:05:4e:45:d3:b8 - 172.23.5.4/30,
00:04:2e:12:03:e0 - 172.23.5.8/30
}
Cheers,
--
Vigdis
--
