Just installed the June 11 snapshot to do some testing with synproxy.
The server has three NICs installed with fxp0 and fxp1 making up the
bridge and dc0 for remote access.
Traffic through the bridge works fine, unless I enable synproxy. Both
keep state and moduleate state work as expected, the
On Thu, 12 Jun 2003, Kevin wrote:
>
> Just installed the June 11 snapshot to do some testing with synproxy.
> The server has three NICs installed with fxp0 and fxp1 making up the
> bridge and dc0 for remote access.
>
> Traffic through the bridge works fine, unless I enable synproxy. Both
> keep s
On Fri, 13 Jun 2003 01:32:46 +0200 (CEST)
Dries Schellekens <[EMAIL PROTECTED]> wrote:
>
> return-{rst,icmp,icmp6) and synproxy don't work on a bridge.
>
> pb@ added a remark to pf.conf(5) and bridge(4) about this yesterday.
>
> NOTES of -current bridge(4) state
> It is unsupported to use f
On Thu, Jun 12, 2003 at 06:56:35PM -0500, Kevin wrote:
> On Fri, 13 Jun 2003 01:32:46 +0200 (CEST)
> Dries Schellekens <[EMAIL PROTECTED]> wrote:
> >
> > return-{rst,icmp,icmp6) and synproxy don't work on a bridge.
> >
> > pb@ added a remark to pf.conf(5) and bridge(4) about this yesterday.
> >
On Thu, Jun 12, 2003 at 06:09:17PM -0500, Kevin wrote:
> Am I missing something?
yes. synproxy, as well as return/return-rst/return-icmp, use stack
functions. thus (well, would be nearly the same if we hand-crufted that
again, what we won't do in any case) they rely on ip adresses on the
machin
