9/8/2005, "Stephan A. Rickauer" <[EMAIL PROTECTED]> napisa3(a):
>Thanks to the kind help on this list, my test firewall successfully runs >OpenBSD 3.7 and is basically configured. I now need to think about >migrating my existing netfilter rule set to pf and would like to ask >also some general questions to understand the concept(s) suffiently. > >If I understand correctly, pf has no 'forward' chain like netfiler >(which is probably by design). I have to admit I've found it pretty >handy to use forward chains since one does not have to specify IN and >OUT rules separately. But I don't want to argue about that. The simple >question is: Does that mean, a netfilter forward rules needs to be >replaced by two pf rules (in general)? > >Thanks, I had similar problem few months ago. In my case I used fwbuilder to check how my netfilter rules looks in pf syntax. It was very helpful. www.fwbuilder.org -- Regards, Michal Ful
