https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=248474
--- Comment #16 from Eugene Grosbein <eu...@freebsd.org> --- (In reply to Michael Muenz from comment #14) Every transit packet coming from LAN to WAN first passes pfil hooks as incoming packet before routing lookup for destination, then routing lookup is performed to determine outgoing interface, then packes passes pfil hooks second time as outgoing traffic. If one needs to perform NAT translation for outgoing traffic first and later IPSEC processing, that must be done this way: configure translation at first pass before routing lookup as opposed to more traditional second pass. -- You are receiving this mail because: You are the assignee for the bug. _______________________________________________ freebsd-net@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/freebsd-net To unsubscribe, send any mail to "freebsd-net-unsubscr...@freebsd.org"
