keeping state on outgoing connections fails (?)

Jeremy Chadwick koitsu at FreeBSD.org
Thu Sep 4 06:10:56 UTC 2008


On Wed, Sep 03, 2008 at 06:17:59PM +0200, Peter Wullinger wrote:
> I'll reply to Jeremy, since his answer somehow confused me. 
> 
> In a letter from Jeremy Chadwick, on the day and hour Wed Sep  3 17:26:32 2008:
> > I'm a bit confused by these rules and your network configuration.
> > Rule #1 allows any packet with a source address of 1.2.3.1, arriving on
> > the ep0 interface, destined to 10.0.0.2.  How exactly are packets
> > arriving on ep0 (which is bound to 1.2.3.0/24) with a destination of
> > 10.0.0.2 in the first place?  That seems strange.  Is your gateway on
> > your network blindly forwarding packets between networks or something?
> > Or is this FreeBSD box acting *as* a gateway?
>  
> It seems to be a gateway, forwarding packets. What exactly do you find
> strange?  Have I missed something?

Sorry for confusing you -- if it's a gateway, the OP needed to state
such.  I can't assume it's a gateway, because in this day and age people
try to do crazy things with networks, especially with bridging.

If it's a gateway, there's nothing strange about it.  If it isn't a
gateway, I can't see how any of the above would work.

-- 
| Jeremy Chadwick                                jdc at parodius.com |
| Parodius Networking                       http://www.parodius.com/ |
| UNIX Systems Administrator                  Mountain View, CA, USA |
| Making life hard for others since 1977.              PGP: 4BD6C0CB |


