Hi, All!
Sorry if this list is wrong place for questions about IPFilter (didn't found
more appropriate freebsd mailling list and one mentioned in some docs seems to
be dead).
But maybe someone can answer it or point in right direction.
I need to rewrite source and destination IPs on packet sen
Sorry, small update.
Just re-cheked. It was not final change... wrong place. I've set it even
smaller than 4096. Now it 3072.
Sorry.
26.11.19 07:55, Artem Viklenko via freebsd-net пише:
Hi!
I have several small boxes with realtek nics acting as a router/firewall.
Also had same i
Hi!
I have several small boxes with realtek nics acting as a router/firewall.
Also had same issues. FreeBSD driver didn't work at least for me so I
switched to Realtek's driver. But after some time traffic stops passing
my routers. Did some investigation and found that the issue is 9k mbufs.
A
Hi!
You can set option "deprecated" at your gif0 interface.
gif0: flags=8051 metric 0 mtu 1480
inet6 :YYY:YYY:YYY::2 --> :YYY:YYY::1 prefixlen 128 deprecated
Works for me.
On 31.07.19 15:07, Viktor Dukhovni wrote:
My FreeBSD machine is also my router, and for lack IPv6 su
On 04.04.19 08:22, Artem Viklenko via freebsd-net wrote:
04.04.19 07:30, Victor Sudakov пише:
1.
pass in quick on $int_if inet proto tcp from $server to any flags S/SA keep
state allow-opts tag SERVER
2.
block return-rst out log quick on $mob_if inet proto tcp to any port 25
tagged
04.04.19 07:30, Victor Sudakov пише:
1.
pass in quick on $int_if inet proto tcp from $server to any flags S/SA keep
state allow-opts tag SERVER
2.
block return-rst out log quick on $mob_if inet proto tcp to any port 25 tagged
SERVER
You have already passed the packet with "quick" in th
Hi!
On 02.04.19 10:03, Victor Sudakov wrote:
Sergey Akhmatov wrote:
I'm trying to migrate some firewall rules from ipfw to pf. As pf does
NAT first and filtering after NAT, I have a problem doing the following:
1. All 192.168.0.0/16 addresses should be translated to the real IP of
the externa
