On Tue, 16 Aug 2005 11:36:18 +0200, Daniel Hartmeier wrote:
I didn't get a single piece of feedback. Without any testing
confirmation, this will not make it into 3.8. If this is important
to YOU, please test it now.
Daniel
For the benefit of the archives:
A smart patch from Daniel fixed the
I didn't get a single piece of feedback. Without any testing
confirmation, this will not make it into 3.8. If this is important
to YOU, please test it now.
Daniel
Sorry about the mis-attribution. The idea was Karl's. Here's the
implementation, just in case anyone wants to patent it, there's already
prior art now :P
This is against -current, test feedback welcome.
Daniel
Index: pf.c
===
RCS
On Tue, 26 Jul 2005 05:58:18 -0700 (PDT)
Pejman Moghadam [EMAIL PROTECTED] wrote:
I have one FreeBSD 5.4 router/firewall box in my LAN that do NAT with PF.
The problem is I can't ping the same machine on the internet from two or more
different machines
on my LAN at the same time. only one of
On Tue, Aug 02, 2005 at 09:37:40PM +0800, Lars Hansson wrote:
Pinging from 2 w2k workstations thru a NAT'ing openbsd 3.4 (yes, it's old
i know) to 66.94.230.34 (www.yahoo.com) I can reproduce this problem.
The second workstation gets destination unreachable until a while after
the first stops
Well FYI,
the very same problem appear on czech openbsd mailing list. Reader did
complain that one windows station could ping through pf openbsd
firewall, but the second could not (see this
http://openbsd.cz/pipermail/users/2005-July/001051.html, in czech
language however you could clearly spot
On Thu, Jul 28, 2005 at 09:40:28AM +0200, Marcel Braak wrote:
Before i had a linux/iptables firewall box that doesn't have this problem.
I hope there's a fix for PF cause i think this is a very anoying issue.
You'll have to find out and explain to me how any other product
dispatches incoming
Cristiano Deana wrote :
Paste your pf.conf, it probaly contains errors.
tcpdump -i $external_interface icmp.
This is my pf.conf
extif={ ed0 }
extip={ (ed0) }
table lan { 192.168.1.0/24 }
nat on $extif from lan to any - $extip
pass all
on my clients windows:
on 192.168.1.18 :
C:\echo %os%
Melameth, Daniel D. wrote :
FWIW, while I haven't looked into this in detail, it appears Windows
clients always use the same ICMP ID--512...
I think this is right, beacuse of this state entry :
self icmp 192.168.1.18:512 - 1.2.3.4:512 - 192.9.9.3:512 0:0
but i have not any problem with
Pejman Moghadam wrote:
Melameth, Daniel D. wrote :
FWIW, while I haven't looked into this in detail, it appears Windows
clients always use the same ICMP ID--512...
I think this is right, beacuse of this state entry :
self icmp 192.168.1.18:512 - 1.2.3.4:512 - 192.9.9.3:512 0:0
Hi there
I have one FreeBSD 5.4 router/firewall box in my LAN that do NAT with PF.
The problem is I can't ping the same machine on the internet from two or more
different machines
on my LAN at the same time. only one of my LAN clients can ping that target,
and pinging that
target from another
On Tue, Jul 26, 2005 at 05:58:18AM -0700, Pejman Moghadam wrote:
I have one FreeBSD 5.4 router/firewall box in my LAN that do NAT with PF.
The problem is I can't ping the same machine on the internet from two or more
different machines
on my LAN at the same time. only one of my LAN clients
Daniel Hartmeier wrote:
On Tue, Jul 26, 2005 at 05:58:18AM -0700, Pejman Moghadam wrote:
I have one FreeBSD 5.4 router/firewall box in my LAN that do NAT
with PF.
The problem is I can't ping the same machine on the internet from
two or more different machines on my LAN at the same time.
13 matches
Mail list logo
