Upgrading FreeBSD to use the NEW pf syntax.

2012-11-19 Thread Paul Webster
Good day all, I am aware this is a much discussed subject since the upgrade of PF, I believe the final decision was that to many users are used to the old style pf and an upgrade to the new syntax would cause to much confusion. There was a recent debate on ##freebsd about this issue and I was in

Re: Upgrading FreeBSD to use the NEW pf syntax.

2012-11-19 Thread Paul Webster
000, Maxim Khitrov wrote: On Mon, Nov 19, 2012 at 9:23 PM, Paul Webster wrote: Good day all, I am aware this is a much discussed subject since the upgrade of PF, I believe the final decision was that to many users are used to the old style pf and an upgrade to the new syntax would cause to much

Re: Upgrading FreeBSD to use the NEW pf syntax.

2012-11-19 Thread Paul Webster
x27; chain then in conjunction with the fact that we should be able to borrow some of the code from OpenBSD, maybe it would be worth the sacrifice. Time will tell which one becomes the more popular. On Tue, 20 Nov 2012 03:02:40 -, Chris Buechler wrote: On Mon, Nov 19, 2012 at 8:23

Complicated NAT setup

2017-04-04 Thread Paul Webster via freebsd-pf
Hey all I am having trouble with freebsd/pf and theattached config my main issue is with the second nat; 'nat on $int_if from any to ($josh_if) -> $josh_xbox' it seems to work for TCP inbound but not for UDP or ICMP I cannot see the reason why; perhaps a binat rule would be better but I could nev

Re: Complicated NAT setup

2017-04-05 Thread Paul Webster via freebsd-pf
Thank you for the fast reply mark, here is a list of interfaces with there relative ips: GW1(local lan gateway): lo0: 127.0.0.1 ::1 igb0: 86.5.192.180 (public_ip) igb1: 172.31.33.1/24 (private lan) msk0: unused/192.168.0.1 tun0: 172.19.20.2 gre0: 10.0.0.1 (via igb0) GW2(vps remote gateway):

Re: Complicated NAT setup

2017-04-05 Thread Paul Webster via freebsd-pf
I just read over my first post, a note would be that it does work perfectly outbound the only thing not working is ICMP and UDP inbound On 5 April 2017 at 10:34, Paul Webster wrote: > Thank you for the fast reply mark, here is a list of interfaces with there > relative ips: > > G

Re: Complicated NAT setup

2017-04-05 Thread Paul Webster via freebsd-pf
ything received on gre0 to the xbox (inbound) and working :) Thank you for the hand out max On 5 April 2017 at 11:10, Paul Webster wrote: > I just read over my first post, a note would be that it does work > perfectly outbound the only thing not working is ICMP and UDP inbound > > On 5 A

Re: NAT possible with single interface box?

2018-03-13 Thread Paul Webster via freebsd-pf
Depending what you need an easy hack for it would be running an openvpn or other vpn server, then you can just nat out from that On 12 March 2018 at 22:50, Rick van der Zwet wrote: > On 2018-03-12 15:32, Ultima wrote: > >> Please provide netstat -nr. If you have more in pf.conf, please provide >

Aide with ALTQ

2018-08-26 Thread Paul Webster via freebsd-pf
Hello all can anyone explain why the inbound queues in this setup do not work: https://paste.ee/p/8AggT ___ freebsd-pf@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/freebsd-pf To unsubscribe, send any mail to "freebsd-pf-unsubscr...

RE: pf and dummynet

2019-07-29 Thread Paul Webster via freebsd-pf
You can mix ipfw and pf, but beware of the order they are loaded (The first one loaded is inside the second one loaded) – it may be better in fact to compile them both in the kernel. You basically end up with: (pf)(ipfw)(system)(ipfw)(pf) – assuming pf was loaded first Sent from Mail for Windo