RE: [PATCH] pf(4) patch from OpenBSD 4.5

2010-10-24 Thread Greg Hennessy
s/CURRENT/HEAD/ below, wasn't quite awake yet when I sent it. :-)

> -Original Message-
> From: owner-freebsd...@freebsd.org [mailto:owner-freebsd-
> p...@freebsd.org] On Behalf Of Greg Hennessy
> Sent: 24 October 2010 10:26 AM
> To: Max Laier; Ermal Luçi
> C

RE: [PATCH] pf(4) patch from OpenBSD 4.5

2010-10-24 Thread Greg Hennessy
It doesn't appear to patch cleanly against CURRENT

gw2:/usr/src # find . -name \*.rej
./contrib/pf/pfctl/pfctl_table.c.rej
./contrib/pf/pfctl/parse.y.rej
./contrib/pf/pfctl/pfctl.c.rej
./contrib/pf/pfctl/pfctl_parser.h.rej
./contrib/pf/pfctl/pfctl.8.rej
./contrib/pf/pfctl/pfctl.h.rej
./sys/contrib

Re: PF + BRIDGE + PFSYNC causes system freezing

2010-03-17 Thread Greg Hennessy
My bad, that'll teach me to reply in haste :-)

Sent using BlackBerry® from Orange

-Original Message-
From: Giulio Ferro
Date: Wed, 17 Mar 2010 16:37:31
To: Greg Hennessy
Cc: Daniel Hartmeier; freebsd-net@freebsd.org; freebsd...@freebsd.org
Subject: Re: PF + BRIDGE + PFSYNC c

RE: PF + BRIDGE + PFSYNC causes system freezing

2010-03-17 Thread Greg Hennessy
A possible corner case with the virtual hosting platform? Try changing the NICs from EM to something else supported, RL on vmware IIRC.

Greg

From: owner-freebsd...@freebsd.org [owner-freebsd...@freebsd.org] On Behalf Of Giulio Ferro [au...@zirakzigil.

RE: PF NAT LOG

2007-02-09 Thread Greg Hennessy
> I need to record logs of all connections nated from PF, has some way?

Tag the nat rule and then apply that tag to an egress rule of the form

pass out log quick on blah tagged natted

Greg

--
No virus found in this outgoing message. Checked by AVG Free Edition. Version: 7

RE: Nat Log

2007-02-05 Thread Greg Hennessy
> It is possible to record logs of all connections nated with the PF?
> Already tried to use "nat log on...", without success.

The version of PF used in FreeBSD (OpenBSD rev 3.7 I believe) doesn't have the log option for either nat pass or rdr pass. That facility came in later versions of

RE: Carp Suppression

2005-06-13 Thread Greg Hennessy
> The reason we are using CARP on a PLIP interface is to allow
> us to have redundant connections between 2 transparent
> bridging firewalls.

CARP is not going to work with a layer 2 firewall.

> Instead of sending packets over our network, we isolate them
> onto a PLIP interface and crosso