Re: [pfSense Support] Source NAT

2009-12-18 Thread Tapani Tarvainen
On Fri, Dec 18, 2009 at 03:45:03PM +0200, Tapani Tarvainen (pfse...@tapanitarvai > I take it there're no rules on this list against sending > patches (and attempt to register at rcs.pfsense.org failed), > so here it goes. Just apply the patch to filter.inc Forgot to mention, this is for 1.2.3 rele

Re: [pfSense Support] Source NAT

2009-12-18 Thread Tapani Tarvainen
I take it there're no rules on this list against sending patches (and attempt to register at rcs.pfsense.org failed), so here it goes. Just apply the patch to filter.inc and edit /cf/conf/config.xml ) by adding something like 172.16.20.5 in a nat rule and reboot (or edit saved backup and re

Re: [pfSense Support] Source NAT /tmp/rules.debug

2009-12-18 Thread Tapani Tarvainen
On Fri, Dec 18, 2009 at 02:14:30PM +0100, Beat Siegenthaler (bsi...@gmail.com) w > Maybe this could help too: I found this article because this guy > wanted to add IPv6 stuff to the Rules. > Should work for more or less all "unsupported additions" if you are > "sed-aware" > http://remcobressers.nl

Re: [pfSense Support] Source NAT

2009-12-18 Thread Ian Bowers
I'd really like to see source NAT added. I've been used to pf on openbsd for a while... it'll let you abuse nat any way you like it, and will still call you the next day. I tried pfsense and actually really liked it a lot. it was eventually the lack of options for NAT that made me switch back...

Re: [pfSense Support] Source NAT /tmp/rules.debug

2009-12-18 Thread Beat Siegenthaler
Does anybody think it'd be worthwhile to submit that as a patch? Or would someone like to see it otherwise (small enough even for posting on the list, perhaps - 105 line context diff)? Maybe this could help too: I found this article because this guy wanted to add IPv6 stuff to the Rules. S

Re: [pfSense Support] Source NAT

2009-12-18 Thread Paul Mansfield
On 18/12/09 10:58, Tapani Tarvainen wrote: > On Fri, Dec 18, 2009 at 11:13:45AM +0200, Tapani Tarvainen > (pfse...@tapanitarvai > >> I took a stab at hacking filter.inc and modified it so that if >> there's modifier in the nat rule, it uses it >> as source in the rdr entry. > > Does anybody thi

Re: [pfSense Support] Source NAT

2009-12-18 Thread Tapani Tarvainen
On Fri, Dec 18, 2009 at 11:13:45AM +0200, Tapani Tarvainen (pfse...@tapanitarvai > I took a stab at hacking filter.inc and modified it so that if > there's modifier in the nat rule, it uses it > as source in the rdr entry. Does anybody think it'd be worthwhile to submit that as a patch? Or would

Re: [pfSense Support] Source NAT

2009-12-18 Thread Peter Todorov
Hi Tapani, I run away from ugly hacks and that's the reason I am stuck with version 1.2.1 (do not want to recompile the custom kernel and make my disk) tell if that work On Fri, Dec 18, 2009 at 11:41 AM, Tapani Tarvainen wrote: > On Fri, Dec 18, 2009 at 11:21:32AM +0200, Peter Todorov (pmi...@gmai

Re: [pfSense Support] Source NAT

2009-12-18 Thread Tapani Tarvainen
On Fri, Dec 18, 2009 at 11:21:32AM +0200, Peter Todorov (pmi...@gmail.com) wrote > So the code will be overwritten on reboot - right? The actual pf code, yes - the xml config is where permanent configuration is kept. (Caveat: I haven't read the code very thoroughly yet, I only downloaded pfSense

Re: [pfSense Support] Source NAT

2009-12-18 Thread Peter Todorov
Hi Tapani Tarvainen, So the code will be overwritten on reboot - right? If so one simple script that copy the file before rebooting and one script that overwrite original file after boot. Is this sound any sense? On Fri, Dec 18, 2009 at 11:13 AM, Tapani Tarvainen wrote: > On Fri, Dec 18, 2009 at

Re: [pfSense Support] Source NAT

2009-12-18 Thread Tapani Tarvainen
On Fri, Dec 18, 2009 at 10:53:40AM +0200, Peter Todorov (pmi...@gmail.com) wrote > Hi Chris, > Can he just edit the conf file on hand and bypass webgui? Not quite that easy. I took a look at the code, and pfSense doesn't keep the raw pf conf file, but rebuilds it out of its own xml config at every

Re: [pfSense Support] Source NAT

2009-12-18 Thread Peter Todorov
Hi Chris, Can he just edit the conf file on hand and bypass webgui? On Fri, Dec 18, 2009 at 10:39 AM, Chris Buechler wrote: > On Fri, Dec 18, 2009 at 3:21 AM, Tapani Tarvainen > wrote: >> On Fri, Dec 18, 2009 at 02:52:43AM -0500, Chris Buechler (c...@pfsense.org) >> wrote >> >>> > Source NAT >>

Re: [pfSense Support] Source NAT

2009-12-18 Thread Chris Buechler
On Fri, Dec 18, 2009 at 3:21 AM, Tapani Tarvainen wrote: > On Fri, Dec 18, 2009 at 02:52:43AM -0500, Chris Buechler (c...@pfsense.org) > wrote > >> > Source NAT > >> > Can this be done with pfSense? >> >> Not at this time. > > Bummer. :-( > > Are there plans to add it in the future? > It will be

Re: [pfSense Support] Source NAT

2009-12-18 Thread Tapani Tarvainen
On Fri, Dec 18, 2009 at 02:52:43AM -0500, Chris Buechler (c...@pfsense.org) wrote > > Source NAT > > Can this be done with pfSense? > > Not at this time. Bummer. :-( Are there plans to add it in the future? -- Tapani Tarvainen ---

Re: [pfSense Support] Source NAT

2009-12-17 Thread Chris Buechler
On Fri, Dec 18, 2009 at 2:09 AM, Tapani Tarvainen wrote: > Hi, > > I'm new to pfSense, trying to evaluate its suitability for > my needs, to replace an old custom freebsd firewall, > and while it looks very nice otherwise, there's one > feature I can't find: Source NAT, i.e., redirection > dependi

[pfSense Support] Source NAT

2009-12-17 Thread Tapani Tarvainen
Hi, I'm new to pfSense, trying to evaluate its suitability for my needs, to replace an old custom freebsd firewall, and while it looks very nice otherwise, there's one feature I can't find: Source NAT, i.e., redirection depending on source IP. Here's a sample pf.conf entry from the old box to cla

[pfSense Support] source nat behind ipsec tunnel

2009-03-13 Thread Fabio C Flores
Hi All, Hi there, I'm struggling to find a way to snat my LAN host IP (linux) before getting to the ipsec tunnel on my pfsense box. I managed to source nat the IP of my LAN host using iptables and trigger the vpn connection on pfsense, the problem is that when the request comes back on the tun