> On 25 Jan 2021, at 10:43, Alexandr Nedvedicky
> wrote:
>
> hello,
>
> On Fri, Jan 22, 2021 at 05:32:47PM +1000, David Gwynne wrote:
>> I tried this diff, and it broke the ability to use dynamic addresses.
>> ie, the following rules should work:
>>
>> pass in on gre52 inet proto icmp
hello,
On Fri, Jan 22, 2021 at 05:32:47PM +1000, David Gwynne wrote:
> I tried this diff, and it broke the ability to use dynamic addresses.
> ie, the following rules should work:
>
> pass in on gre52 inet proto icmp route-to (gre49:peer)
> pass in on vmx0 inet proto icmp route-to (gre:peer)
I tried this diff, and it broke the ability to use dynamic addresses.
ie, the following rules should work:
pass in on gre52 inet proto icmp route-to (gre49:peer)
pass in on vmx0 inet proto icmp route-to (gre:peer)
however, other forms of dynamic interface addresses should fail. or do
we want to
Hello,
On Fri, Jan 15, 2021 at 06:26:48PM +0100, Alexander Bluhm wrote:
> On Tue, Jan 12, 2021 at 08:45:22PM +0100, Alexandr Nedvedicky wrote:
> > I think bluhm@ and dlg@ have committed part of that change already.
>
> I have only commited a refactoring change. Next step in kernel
> would be to
On Tue, Jan 12, 2021 at 08:45:22PM +0100, Alexandr Nedvedicky wrote:
> I think bluhm@ and dlg@ have committed part of that change already.
I have only commited a refactoring change. Next step in kernel
would be to remove the check in pf_find_state() and see what happens.
I was waiting for dlg@
Hello,
proposed diff follows stuff discussed here [1] (pf route-to issues). I think
we've reached a consensus to change route-to/reply-to such the only supported
option will be next-hop (and list and table of next-hop addresses).
I think bluhm@ and dlg@ have committed part of that change
