Re: VLAN in 5.9 - NAT problem

2016-04-18 Thread Brian S. Vangsgaard
pass out on rl0 inet from vlan309:network to any nat-to rl0 match out on rl0 inet from vlan:309:network nat-to rl0 pass out on rl0 Since you did not submit a full pf.conf, I have no chance of knowing if you do a later pass that changes the NAT state. You could use tags for more fine-grained con

Huawei ME909u-521 - cannot find data bulk in

2015-06-17 Thread Brian S. Vangsgaard
Hi Needing a backup connection to the internet, I decided to give the Huawei 909u-521 a try. Hardware details: http://consumer.huawei.com/en/solutions/m2m-solutions/products/tech-specs/me909u-521mini-pcie-en.htm It's mounted in a Soekris 6501 device. During boot, the following information

Re: Duplicate pf rules when using groupname

2015-04-28 Thread Brian S. Vangsgaard
Stuart Henderson wrote on 2015-04-28 15:55: Actually this is a bit odd, can't reproduce it here on 5.5 or -current. I'm running 5.5 GENERIC.MP SHA256 (/sbin/pfctl) = 9b84b5b3d846cf2f4c4a189d9711cc5d00c4ea096431df4eaea57ebfcd29de8c

Re: Duplicate pf rules when using groupname

2015-04-28 Thread Brian S. Vangsgaard
Using a single interface (ex. vlan) will only produce one line (as I expect it to do) in the pfctl -s rules output. This is probably the simplest fix. The actual packets you want to filter show up on the vlan interfaces anyway. You're right, this would be the best solution at the moment. M

Re: Duplicate pf rules when using groupname

2015-04-27 Thread Brian S. Vangsgaard
"Lists A list allows the specification of multiple similar criteria within a rule. For example, multiple protocols, port numbers, addresses, etc. So, instead of writing one filter rule for each IP address that needs to be blocked, one rule can be written by specifying the IP addresses in a lis

Duplicate pf rules when using groupname

2015-04-27 Thread Brian S. Vangsgaard
the pfctl -s rules output. My question is: Why is pf making 4 identical rules when using groupnames? -- Kind regards Brian S. Vangsgaard

Re: L2TP using Npppd and IPsec

2015-03-27 Thread Brian S. Vangsgaard
Hi, for the talk he gave at BSDCan IIRC. I don't need to use RADIUS just a local authentication database. It is in the base and it seems very easy to configure. It is. Is anybody running a similar setup in production? Any caveats? Any other advice before I take a plunge? Yes I am, with Wi