* Giancarlo Razzolini <[EMAIL PROTECTED]> [2006-07-04 16:07]: > My question is not only about ftp-proxy, i only used it to exemplify. My > question is: if i tag a packet that is entering one interface and in the > same rule (rdr pass, for example) i send this packet to an interface > which is skipped by pf. I want to know if when this packet get out of > this interface it will still be tagged or not. The only thing that the > man page says is that tags are internal markers. So i'm supposing that > if i send them to an interface skipped by pf, the tag will not be on the > packets getting out of it. Just want to get sure about this, cause all > my tests point to this conclusion.
there is no notion of these tags in IP. they are only there as long as the packets are inside the kernel. when they leave the machine (by whatever interface) they're gone, and if the leave kernel space (think userland proxies) they're gone too. -- BS Web Services, http://www.bsws.de/ OpenBSD-based Webhosting, Mail Services, Managed Servers, ... Unix is very simple, but it takes a genius to understand the simplicity. (Dennis Ritchie)
