cvs commit: src/etc rc.firewall

Julian Elischer julian at elischer.org
Fri Nov 18 23:57:52 PST 2005


Ruslan Ermilov wrote:

>On Fri, Nov 18, 2005 at 10:34:49PM -0800, Julian Elischer wrote:
>  
>
>>Hajimu UMEMOTO wrote:
>>
>>    
>>
>>>ume         2005-11-19 06:06:59 UTC
>>>
>>>FreeBSD src repository
>>>
>>>Modified files:        (Branch: RELENG_6)
>>>  etc                  rc.firewall 
>>>Log:
>>>MFC 1.48: don't match packets other than IPv4 against divert rule.
>>>divert supports only IPv4.
>>>
>>>Revision   Changes    Path 
>>>1.47.10.1  +1 -1      src/etc/rc.firewall
>>>
>>>
>>>      
>>>
>>huh?
>>divert of an ipv6 packet still makes sense!
>>
>>    
>>
>But not with the natd(8) as a listener.
>  
>

well then natd should  be defensive about it and you should
not divert ipv6 packets there..

I currently divert all sorts of stuff  and would be rather annoyed of
divert didn't divert a packet I had singled out for diversion.
I also have patches that allow me to divert from a bridge and from the 
link layer.


>
>Cheers,
>  
>



More information about the cvs-all mailing list