In case people reading this thread didn't notice the commits yet,
this works again in -current (thanks jsg and claudio). Make sure you
upgrade pfctl and kernel together.
Hello, Stuart.
On 8 October 2009 G. 15:03:13 Stuart Henderson wrote:
On 2009-09-25, Vadim Zhukov persg...@gmail.com wrote:
2. Is it OK if I'll hack it to make possible even crazy rule like
this:
pass in on $if1 from $a to $b rdr-to $c \
route-to ($if3 $gt3) reply-to ($if2
On 2009-09-25, Vadim Zhukov persg...@gmail.com wrote:
2. Is it OK if I'll hack it to make possible even crazy rule like this:
pass in on $if1 from $a to $b rdr-to $c \
route-to ($if3 $gt3) reply-to ($if2 $gt2) dup-to $if4
... or it's not intended to be so, or it's in the work
* Vadim Zhukov persg...@gmail.com [2009-09-25 06:36]:
Hello all, especially network hackers (you write cool code, BTW, thanks!)
(Sending this email to another list as now it's more technical. I hope)
Stupid me finally found the reasons for such route-to/reply-to behavior:
On 25 September 2009 11:49:48 Henning Brauer wrote:
On 25 September 2009 08:34:03 Vadim Zhukov wrote:
So as far as I can understand, pf_rule.rdr pool is used for
route-to/reply-to/dup-to options. Now I have a few stupid questions:
1. Is it intended to have only one address pool for
Hello all, especially network hackers (you write cool code, BTW, thanks!)
(Sending this email to another list as now it's more technical. I hope)
Stupid me finally found the reasons for such route-to/reply-to behavior:
/usr/src/sbin/pfctl/parse.y (introduced in 1.563 and modified later):
Hi,
Am 11.09.2009 00:58, schrieb Laurent Ghigonis:
On Fri, 11 Sep 2009 02:23:54 +0400
Vadim Zhukov persg...@gmail.com wrote:
Hello all.
Can anyone ack that route-to/reply-to rules do not work on amd64?
I have the following rule in pf.conf:
pass in quick on $limit_if inet proto icmp
Hello all.
Can anyone ack that route-to/reply-to rules do not work on amd64?
I have the following rule in pf.conf:
pass in quick on $limit_if inet proto icmp icmp-type echoreq \
reply-to ($limit_if $limit_gw)
It does not work (IPs replaced via corresponding macros by me),
see tcpdump(8)
On Fri, 11 Sep 2009 02:23:54 +0400
Vadim Zhukov persg...@gmail.com wrote:
Hello all.
Can anyone ack that route-to/reply-to rules do not work on amd64?
I have the following rule in pf.conf:
pass in quick on $limit_if inet proto icmp icmp-type echoreq \
reply-to ($limit_if
9 matches
Mail list logo
