On 05/18/07 22:17, Umar wrote:
> Dear Volker!
>
> Thanks its working fine.
>
> (pass in quick log on $int_if proto tcp from 192.168.3.30 to any flags
> S/SA keep state queue client1)
>
> what will be the syntax if 192.168.3.30 comes through ppp means I have
> configured PPPoE server so i dont know the interface of 192.168.3.30 because
> the tun interface randomly changed e.g (tun1, tun2, tun3, tun4) etc.
>
Umar,
if I get you right, you don't know whether 192.168.3.30 is connected
by tun0, tun1, tunN or ppp0, ppp1, pppN.
You may (at any time with any interface) use the 'interface group'.
For example:
pass in on tun all keep state
^^^^
would let pass all packets in from all tun interfaces. Please note the
missing device number (tun but not tun0). I'm using it like that for
clients connecting by PPTP from the outside. As I don't know how many
clients will connect by PPTP at any time, I'm passing all their
traffic by using the interface group.
HTH
Volker
_______________________________________________
freebsd-pf@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-pf
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
