pf question
J.D. Bronson
jbronson at wixb.com
Tue Mar 8 04:50:04 PST 2005
First my ifconfig -A:
# ifconfig -A
bge0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
address: xxxxxxxxxxxx
media: Ethernet autoselect (100baseTX full-duplex)
status: active
inet 192.168.82.1 netmask 0xffffff00 broadcast 192.168.82.255
inet 192.168.82.2 netmask 0xffffffff broadcast 192.168.82.2
I use a rule in the firewall such as this:
# macros
int_if = "bge0"
pass in on $int_if from $int_if:network to any modulate state
pass out on $int_if from any to $int_if:network modulate state
This expands to:
pass in on bge0 inet from 192.168.82.0/24 to any modulate state
pass in on bge0 inet from 192.168.82.2 to any modulate state
pass out on bge0 inet from any to 192.168.82.0/24 modulate state
pass out on bge0 inet from any to 192.168.82.2 modulate state
..Why does it pick the alias IP on the nic and not the actual IP?
Is this intended by design?
--
J.D. Bronson
Aurora Health Care // Information Services // Milwaukee, WI USA
Office: 414.978.8282 // Email: jd at aurora.org // Pager: 414.314.8282
More information about the freebsd-questions
mailing list