On 19.12.2017 21:46, wishmaster wrote:
>>> /sbin/ipfw add 15002 netgraph 100 ip from me to not me recv "*"
>>
>> Why do you have incoming ip packets sourced from your IP?
>
> It's ok. I use per-interface ACL.
>
> # out
> ipfw -fq table tbl_OUT_IF flush
> ...
> ipfw table tbl_OUT_IF add
--- Original message ---
From: "Eugene Grosbein"
Date: 19 December 2017, 15:33:42
> On 19.12.2017 13:15, wishmaster wrote:
> > Hi,
> >
> > after I have applied ng_patch for setting TTL for outgoing packets with
> > below rules
> >
> > kldload ng_ipfw 2>/dev/null
> > kldload ng_patch 2>
On 19.12.2017 13:15, wishmaster wrote:
> Hi,
>
> after I have applied ng_patch for setting TTL for outgoing packets with below
> rules
>
> kldload ng_ipfw 2>/dev/null
> kldload ng_patch 2>/dev/null
>
> /usr/sbin/ngctl -f- <<-SEQ
> mkpeer ipfw: patch 100 in
> na
Hi,
after I have applied ng_patch for setting TTL for outgoing packets with below
rules
kldload ng_ipfw 2>/dev/null
kldload ng_patch 2>/dev/null
/usr/sbin/ngctl -f- <<-SEQ
mkpeer ipfw: patch 100 in
name ipfw:100 ttl_set
msg ttl_set: setconfig {
