On Mon, Mar 31, 2008 at 02:29:58AM -0400, Nick Davey wrote: > Does it matter that the subnet mask is configured as a /30, or is it the > media type that controls this behavior? Is there any way to use this > mechanism on an ethernet interfaces? > > On Mon, Mar 31, 2008 at 12:16 AM, Theo de Raadt <[EMAIL PROTECTED]> > wrote: > > > > We're trying to use the :peer modifier to minimize the number of macros > > > in our pf configuration files. > > > > > > For some reason we can't get it to work: > > > > > > # cat /etc/pf.conf > > > set skip on lo > > > > > > block log > > > > > > pass in quick on fxp0 inet proto tcp from fxp0:peer to fxp0 port ssh > > > > > > # pfctl -n -f /etc/pf.conf > > > no IP address found for fxp0:peer > > > /etc/pf.conf:5: could not parse host specification > > > > :peer Translates to the point to point interface's peer > > ad- > > dress(es). > > > > That won't work. Your fxp is not a point-to-point interface. It is a > > broadcast interface. It has many peers, not one.
It doesn't matter. If you look at my ifconfig output you'll see I already tried that. -- Egbert Krook System/Network Engineer Amarin Printing and Publishing Public Co., Ltd.
