Hi all
Here's another PF question. I suppose that filtering based on arp protocol is
also impossible using PF just like MAC address filtering. Am I right? All of
these options are supported by IPFW. What are we supposed to do with these
problems?! Just don't use PF?!!
___
Hi all
Here's another PF question. I suppose that filtering based on arp protocol is
also impossible using PF just like MAC address filtering. Am I right? All of
these options are supported by IPFW. What are we supposed to do with these
problems?! Just don't use PF?!!
___
> As for 8-STABLE this functionality is not available.
> I'm not tracking 9-* so someone else will have to answer for that.
> But as far as L2 filtering on the bridge...
> You will probably want ipfw instead as on 8-* were using pf4.3¿ which on
FreeBSD is L3, & L4 filtering only.
> If yo
> > Should the system act as a bridge in order to do the tagging or is it
> > (bridge) just used to do the tagging regardless of the system rule?
>
> You can tag packets on incoming and filter on the tags later in your
> ruleset in non-bridge configurations too. But of course bridges have
> their
Should the system act as a bridge in order to do the tagging or is it (bridge)
just used to do the tagging regardless of the system rule?
___
freebsd-pf@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-pf
To unsubscribe, send an
Hi list
Is it necessary to reload PF after each change done by pfctl? If yes, how?
___
freebsd-pf@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-pf
To unsubscribe, send any mail to "freebsd-pf-unsubscr...@freebsd.org"
>Well, tags could help here. With a concrete example of what you want, it
>would be easier to suggest a solution.
>Regards.
Aren't anchors useful as David DeSimone said? Another question, is it possible
to negate a rule or feature in a rule? I mean pass all traffic which DO NOT
match the rule ?
>> I have been using IPFW for years, now because of some reasons I'm
>> migrating to PF. In IPFW we can use the "skipto" keyword in order to
>> change the order of checking the rules. How can I do this in PF?
>PF processes rules from top to bottom for every packet, only aborting
>the rule evalu
Hi list
I have been using IPFW for years, now because of some reasons I'm migrating to
PF. In IPFW we can use the "skipto" keyword in order to change the order of
checking the rules. How can I do this in PF? Another one, is it possible to
filter in/out coming traffic according to the source/dest
Hi all
In IPFW we can use "ipprecedence" to match a specified precedence. Is it
possible to do so with pf? How?
Thanks
___
freebsd-pf@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-pf
To unsubscribe, send any mail to "freebsd
10 matches
Mail list logo
