Hi, All!
Sorry if this list is wrong place for questions about IPFilter (didn't found
more appropriate freebsd mailling list and one mentioned in some docs seems to
be dead).
But maybe someone can answer it or point in right direction.
I need to rewrite source and destination IPs on packet sen
Sorry, small update.
Just re-cheked. It was not final change... wrong place. I've set it even
smaller than 4096. Now it 3072.
Sorry.
26.11.19 07:55, Artem Viklenko via freebsd-net пише:
Hi!
I have several small boxes with realtek nics acting as a router/firewall.
Also had same i
Hi!
I have several small boxes with realtek nics acting as a router/firewall.
Also had same issues. FreeBSD driver didn't work at least for me so I
switched to Realtek's driver. But after some time traffic stops passing
my routers. Did some investigation and found that the issue is 9k mbufs.
A
Hi!
You can set option "deprecated" at your gif0 interface.
gif0: flags=8051 metric 0 mtu 1480
inet6 :YYY:YYY:YYY::2 --> :YYY:YYY::1 prefixlen 128 deprecated
Works for me.
On 31.07.19 15:07, Viktor Dukhovni wrote:
My FreeBSD machine is also my router, and for lack IPv6 su
On 04.04.19 08:22, Artem Viklenko via freebsd-net wrote:
04.04.19 07:30, Victor Sudakov пише:
1.
pass in quick on $int_if inet proto tcp from $server to any flags S/SA keep
state allow-opts tag SERVER
2.
block return-rst out log quick on $mob_if inet proto tcp to any port 25
tagged
04.04.19 07:30, Victor Sudakov пише:
1.
pass in quick on $int_if inet proto tcp from $server to any flags S/SA keep
state allow-opts tag SERVER
2.
block return-rst out log quick on $mob_if inet proto tcp to any port 25 tagged
SERVER
You have already passed the packet with "quick" in th
Hi!
On 02.04.19 10:03, Victor Sudakov wrote:
Sergey Akhmatov wrote:
I'm trying to migrate some firewall rules from ipfw to pf. As pf does
NAT first and filtering after NAT, I have a problem doing the following:
1. All 192.168.0.0/16 addresses should be translated to the real IP of
the externa
2016-12-15 18:05, Gary Palmer написав:
On Thu, Dec 15, 2016 at 05:27:02PM +0200, Artem Viklenko wrote:
2016-12-15 14:28, Eugene Grosbein ??:
> On 15.12.2016 19:23, Eugene M. Zheganin wrote:
>
>> but at the time of investigation the socket is already closed and lsof
>&
2016-12-15 14:28, Eugene Grosbein написав:
On 15.12.2016 19:23, Eugene M. Zheganin wrote:
but at the time of investigation the socket is already closed and lsof
cannot show me the owner. I wonder if the kernel can itself decode
this
output and write it in the human-readable form ?
Until tha
2016-06-29 15:23, Slawa Olhovchenkov написав:
On Wed, Jun 29, 2016 at 02:13:59PM +0200, Patrick M. Hausen wrote:
Hi!
> Am 29.06.2016 um 14:01 schrieb Slawa Olhovchenkov :
> I am need in one call, multiple commands not allways allowed.
> Using /etc/start_if.$IFNAME produce side effects and can
10 matches
Mail list logo
