Re: Full Cone NAT In PF

2012-04-30 Thread Darren Pilgrim
On 2012-04-30 17:44, Michael MacLeod wrote: At the end of the day we could solve it by getting our ISP to route a /29 to their house and using binat (I already have a /29), but it would be nice if there was the option to use 'nat on $wan_if from -> ($wan_if) full-cone' in a ruleset to achieve th

Panics in 8.3 with em & pf

2012-04-30 Thread J David
Hello, I have started getting frequent panics related to the em driver on 8.3-STABLE (about every 8 hours). Fatal trap 9: general protection fault while in kernel mode cpuid = 1; apic id = 01 instruction pointer = 0x20:0x806cd1d5 stack pointer = 0x28:0xff8f1450 fram

Question on rtredirect code

2012-04-30 Thread prabhakar lakhera
Hi, The rtredirect code has the following code lines: */* verify the gateway is directly reachable */* 521 if ((ifa = ifa_ifwithnet (gateway

Re: Full Cone NAT In PF

2012-04-30 Thread Michael MacLeod
Darren and Zaphod, Thanks for the response. If I understand full-cone NAT it's basically like opening a port forward in the firewall, since any packets arriving on the WAN interface for that particular external port from any source address will be forwarded to the internal host. And you are correc

Current problem reports assigned to freebsd-net@FreeBSD.org

2012-04-30 Thread FreeBSD bugmaster
Note: to view an individual PR, use: http://www.freebsd.org/cgi/query-pr.cgi?pr=(number). The following is a listing of current problems submitted by FreeBSD users. These represent problem reports covering all versions including experimental development code and obsolete releases. S Tracker

Re: svn commit: r233937 - in head/sys: kern net security/mac

2012-04-30 Thread Alexander V. Chernikov
On 28.04.2012 00:42, Adrian Chadd wrote: Hi Alex, Hello! I don't want to be demanding, but would you please consider committing your fixes? I've asked glebius@ for the review for a while ago, but it seems it is a bit staled.. And if you could, would you please do it as a set of commits, o