>>>>> "Pekka" == Pekka Nikander <[EMAIL PROTECTED]> writes:
Pekka> Well, IMHO the best way would be to have a separate interface Pekka> for each tunnel end point. That would allow most fine grained Pekka> control, and would be easiest to understand. I was thinking of a virtual interface pour each incoming tunnel endpoint, nothing more. The problem, as pointed in another post, would be the numbering of these interfaces (from a filtering point of view). >From a previous discussion in -security, a tunnel can be used in odd ways, and mixing with routing isn't a good idea : http://groups.google.com/groups?hl=en&lr=&ie=UTF-8&oe=UTF-8&selm=fa.llg8ghv.1l0skqv%40ifi.uio.no Eric Masson -- 70% de frjv sont des newbies ? Et une fois qu'ils ne le sont plus que font-ils ? Ils quittent frjv parce que c'est trop à chier ? Parce que s'ils y restent et gardent leur comportement, ça devient des neuneux. -+- XB in: <http://www.le-gnu.net> - Tu seras un neuneu mon fils -+- To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-net" in the body of the message
