From owner-freebsd-pf@FreeBSD.ORG Sun Apr 1 11:10:15 2012 Return-Path: Delivered-To: freebsd-pf@hub.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id EBEA61065674 for ; Sun, 1 Apr 2012 11:10:15 +0000 (UTC) (envelope-from gnats@FreeBSD.org) Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2001:4f8:fff6::28]) by mx1.freebsd.org (Postfix) with ESMTP id D83C28FC18 for ; Sun, 1 Apr 2012 11:10:15 +0000 (UTC) Received: from freefall.freebsd.org (localhost [127.0.0.1]) by freefall.freebsd.org (8.14.5/8.14.5) with ESMTP id q31BAF7R074567 for ; Sun, 1 Apr 2012 11:10:15 GMT (envelope-from gnats@freefall.freebsd.org) Received: (from gnats@localhost) by freefall.freebsd.org (8.14.5/8.14.5/Submit) id q31BAFlm074564; Sun, 1 Apr 2012 11:10:15 GMT (envelope-from gnats) Date: Sun, 1 Apr 2012 11:10:15 GMT Message-Id: <201204011110.q31BAFlm074564@freefall.freebsd.org> To: freebsd-pf@FreeBSD.org From: Stefan Balu Cc: Subject: Re: kern/166411: [pf] simply enabling pf makes udpxy not to work X-BeenThere: freebsd-pf@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: Stefan Balu List-Id: "Technical discussion and general questions about packet filter \(pf\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 01 Apr 2012 11:10:16 -0000 The following reply was made to PR kern/166411; it has been noted by GNATS. From: Stefan Balu To: =?UTF-8?Q?Ermal_Lu=C3=A7i?= Cc: bug-followup@freebsd.org Subject: Re: kern/166411: [pf] simply enabling pf makes udpxy not to work Date: Sun, 1 Apr 2012 14:06:55 +0300 --f46d040f9bae54ce2504bc9c12d4 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable This seems to have fixed the problem. Thank you! On Wed, Mar 28, 2012 at 12:41 PM, Ermal Lu=C3=A7i wrote: > Normally this is the effect of pf(4) default behviour of dropping > packets with ip-options. > > You need to enable those with 'allow-opts' added to the rule. > > -- > Ermal > --=20 =C8=98tefan B=C4=82LU Tel: +40757 377 489 --f46d040f9bae54ce2504bc9c12d4 Content-Type: text/html; charset=UTF-8 Content-Transfer-Encoding: quoted-printable This seems to have fixed the problem. Thank you!

On Wed, Mar 28, 2012 at 12:41 PM, Ermal Lu=C3=A7i <eri@freebsd.org> wrot= e:
Normally this is the effect of pf(4) default behviour of dropping
packets with ip-options.

You need to enable those with 'allow-opts' added to the rule.

--
Ermal



-- =C8=98tefan B=C4=82LU
Tel: +40757 377 489
--f46d040f9bae54ce2504bc9c12d4-- From owner-freebsd-pf@FreeBSD.ORG Mon Apr 2 11:07:14 2012 Return-Path: Delivered-To: freebsd-pf@FreeBSD.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 5A0C310656D1 for ; Mon, 2 Apr 2012 11:07:14 +0000 (UTC) (envelope-from owner-bugmaster@FreeBSD.org) Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2001:4f8:fff6::28]) by mx1.freebsd.org (Postfix) with ESMTP id 440698FC0C for ; Mon, 2 Apr 2012 11:07:14 +0000 (UTC) Received: from freefall.freebsd.org (localhost [127.0.0.1]) by freefall.freebsd.org (8.14.5/8.14.5) with ESMTP id q32B7ETQ046869 for ; Mon, 2 Apr 2012 11:07:14 GMT (envelope-from owner-bugmaster@FreeBSD.org) Received: (from gnats@localhost) by freefall.freebsd.org (8.14.5/8.14.5/Submit) id q32B7DPU046867 for freebsd-pf@FreeBSD.org; Mon, 2 Apr 2012 11:07:13 GMT (envelope-from owner-bugmaster@FreeBSD.org) Date: Mon, 2 Apr 2012 11:07:13 GMT Message-Id: <201204021107.q32B7DPU046867@freefall.freebsd.org> X-Authentication-Warning: freefall.freebsd.org: gnats set sender to owner-bugmaster@FreeBSD.org using -f From: FreeBSD bugmaster To: freebsd-pf@FreeBSD.org Cc: Subject: Current problem reports assigned to freebsd-pf@FreeBSD.org X-BeenThere: freebsd-pf@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Technical discussion and general questions about packet filter \(pf\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 02 Apr 2012 11:07:14 -0000 Note: to view an individual PR, use: http://www.freebsd.org/cgi/query-pr.cgi?pr=(number). The following is a listing of current problems submitted by FreeBSD users. These represent problem reports covering all versions including experimental development code and obsolete releases. S Tracker Resp. Description -------------------------------------------------------------------------------- o kern/166411 pf [pf] simply enabling pf makes udpxy not to work o kern/166336 pf [pf] kern.securelevel 3 +pf reload o kern/165315 pf [pf] States never cleared in PF with DEVICE_POLLING o kern/164402 pf [pf] pf crashes with a particular set of rules when fi o kern/164271 pf [pf] not working pf nat on FreeBSD 9.0 [regression] o kern/163208 pf [pf] PF state key linking mismatch o kern/160370 pf [pf] Incorrect pfctl check of pf.conf o kern/155736 pf [pf] [altq] borrow from parent queue does not work wit o kern/153307 pf [pf] Bug with PF firewall o kern/148290 pf [pf] "sticky-address" option of Packet Filter (PF) blo o kern/148260 pf [pf] [patch] pf rdr incompatible with dummynet o kern/147789 pf [pf] Firewall PF no longer drops connections by sendin o kern/143543 pf [pf] [panic] PF route-to causes kernel panic o bin/143504 pf [patch] outgoing states are not killed by authpf(8) o conf/142961 pf [pf] No way to adjust pidfile in pflogd o conf/142817 pf [patch] etc/rc.d/pf: silence pfctl o kern/141905 pf [pf] [panic] pf kernel panic on 7.2-RELEASE with empty o kern/140697 pf [pf] pf behaviour changes - must be documented o kern/137982 pf [pf] when pf can hit state limits, random IP failures o kern/136781 pf [pf] Packets appear to drop with pf scrub and if_bridg o kern/135948 pf [pf] [gre] pf not natting gre protocol o kern/135162 pf [pfsync] pfsync(4) not usable with GENERIC kernel o kern/134996 pf [pf] Anchor tables not included when pfctl(8) is run w o kern/133732 pf [pf] max-src-conn issue o kern/132769 pf [pf] [lor] 2 LOR's with pf task mtx / ifnet and rtent f kern/132176 pf [pf] pf stalls connection when using route-to [regress o conf/130381 pf [rc.d] [pf] [ip6] ipv6 not fully configured when pf st o kern/129861 pf [pf] [patch] Argument names reversed in pf_table.c:_co o kern/127920 pf [pf] ipv6 and synproxy don't play well together o conf/127814 pf [pf] The flush in pf_reload in /etc/rc.d/pf does not w o kern/127439 pf [pf] deadlock in pf o kern/127121 pf [pf] [patch] pf incorrect log priority o kern/127042 pf [pf] [patch] pf recursion panic if interface group is o kern/125467 pf [pf] pf keep state bug while handling sessions between s kern/124933 pf [pf] [ip6] pf does not support (drops) IPv6 fragmented o kern/124364 pf [pf] [panic] Kernel panic with pf + bridge o kern/122773 pf [pf] pf doesn't log uid or pid when configured to o kern/122014 pf [pf] [panic] FreeBSD 6.2 panic in pf o kern/120281 pf [pf] [request] lost returning packets to PF for a rdr o kern/120057 pf [pf] [patch] Allow proper settings of ALTQ_HFSC. The c o bin/118355 pf [pf] [patch] pfctl(8) help message options order false o kern/114567 pf [pf] [lor] pf_ioctl.c + if.c s conf/110838 pf [pf] tagged parameter on nat not working on FreeBSD 5. o kern/103283 pf pfsync fails to sucessfully transfer some sessions o kern/103281 pf pfsync reports bulk update failures o kern/93825 pf [pf] pf reply-to doesn't work o sparc/93530 pf [pf] Incorrect checksums when using pf's route-to on s o kern/92949 pf [pf] PF + ALTQ problems with latency o bin/86635 pf [patch] pfctl(8): allow new page character (^L) in pf. o kern/82271 pf [pf] cbq scheduler cause bad latency 50 problems total. From owner-freebsd-pf@FreeBSD.ORG Tue Apr 3 06:47:15 2012 Return-Path: Delivered-To: freebsd-pf@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id D8F301065670 for ; Tue, 3 Apr 2012 06:47:15 +0000 (UTC) (envelope-from mailman@news2.procontact.us) Received: from news2.procontact.us (news2.procontact.us [188.40.107.11]) by mx1.freebsd.org (Postfix) with SMTP id 4A9F18FC0C for ; Tue, 3 Apr 2012 06:47:14 +0000 (UTC) Date: Tue, 3 Apr 2012 08:46:48 +0200 From: "Kim" Sender: "Kim" To: "" Message-ID: <14049273@news2.procontact.us> X-Priority: 3 X-Mailer: Nerve Communication Server X-Abuse: ZnJlZWJzZC1wZkBmcmVlYnNkLm9yZw==|LC_L1_77648828@L1_26702990 X-Sender: kim@hppremium.co.za MIME-Version: 1.0 Content-Type: multipart/related; boundary="----=_NextPart_Custom_Nerve_0.8975921792877541" X-Content-Filtered-By: Mailman/MimeDel 2.1.5 Subject: Premium hospital cover X-BeenThere: freebsd-pf@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: Kim List-Id: "Technical discussion and general questions about packet filter \(pf\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 03 Apr 2012 06:47:15 -0000 This is a multi-part message in MIME format... ------=_NextPart_Custom_Nerve_0.8975921792877541 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Unsubscribe Here http://www.procontact.co.za/app/bulk_mailer/comp/view_form/view_form.php?15431%3A%3A1+Vsgbwf+freebsd-pf@freebsd.org+53777%3A72++4457%3B%3B1%3B Get consultants to call me back with Premium Hospital Cover quotes. http://www.hppremium.co.za/?sourceID=10000036&campaignID=51 This plan pays a pre-defined daily benefit from your 3rd day in hospital, if you are hospitalised for 3 or more days, but the daily benefit is paid from day 1. You can use the money as you wish. http://www.hppremium.co.za/?sourceID=10000036&campaignID=51 >From R198 a month get up to R5000 a day while you are in hospital Cash back benefit � Get 6 premiums back in cash after your 60th payment Accidental death benefit � get up to R500 000 cover Accidental disability benefit -- get up to R500 000 paid out to you Maternity benefits included Dread disease benefit � get up to R250 000 ICU benefit � get an additional cash benefit for each day spent in ICU No medical examinations required http://www.hppremium.co.za/?sourceID=10000036&campaignID=51 Be advised that product benefits and offering may differ from insurer to insurer. ------=_NextPart_Custom_Nerve_0.8975921792877541-- From owner-freebsd-pf@FreeBSD.ORG Tue Apr 3 19:24:20 2012 Return-Path: Delivered-To: freebsd-pf@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 1227A106567C for ; Tue, 3 Apr 2012 19:24:20 +0000 (UTC) (envelope-from mikemacleod@gmail.com) Received: from mail-iy0-f182.google.com (mail-iy0-f182.google.com [209.85.210.182]) by mx1.freebsd.org (Postfix) with ESMTP id CE2AB8FC0A for ; Tue, 3 Apr 2012 19:24:19 +0000 (UTC) Received: by iahk25 with SMTP id k25so75386iah.13 for ; Tue, 03 Apr 2012 12:24:19 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:from:date:message-id:subject:to:content-type; bh=jBG7gDffgS8dEZyGTNfTFqIM1RuSNo9HuL//5SQ4Ov0=; b=cFONhlkAyl7inU0YH2ZlkvwUnSLfkjWg9DvK4GOgXPaj2Z1VXAs3ifH1WDYrERCPVB sFq5PZJw0/zSgg3eSr2kToe2/LL0l6bqPiP6HcT45ar4QcNvdnMVwjVUuJaD5bs8jDcm sDDXuPpYTYkjXUA1XyKLVo1uXfR9iHlg4bVhuJFam8aW+hp0sn2QrFMzgUGJv80/8Oug GPDlC4GRmw9nrjWeCIKEXIrpEhJQiexj29UL5z4PhjwPeG6LbLrb4m9O3Nneq7iP0rQc caFwm9lhEHpn2hmrUDirns03JCd+or/HRsjkEpFX4l8Lo71VHr1ulMeLG3gJBFq+A88K 0hwA== Received: by 10.50.95.167 with SMTP id dl7mr3539051igb.6.1333481059510; Tue, 03 Apr 2012 12:24:19 -0700 (PDT) MIME-Version: 1.0 Received: by 10.42.133.6 with HTTP; Tue, 3 Apr 2012 12:23:59 -0700 (PDT) From: Michael MacLeod Date: Tue, 3 Apr 2012 15:23:59 -0400 Message-ID: To: freebsd-pf@freebsd.org Content-Type: text/plain; charset=ISO-8859-1 X-Content-Filtered-By: Mailman/MimeDel 2.1.5 Subject: PF And Cone NAT X-BeenThere: freebsd-pf@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Technical discussion and general questions about packet filter \(pf\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 03 Apr 2012 19:24:20 -0000 Ladies and Gentlemen, Every once and a while I run into an issue wherein the symmetric NAT of pf causes me grief. I've found some older mailing list entries asking about PF and Cone or Full Cone NAT (such as this one from 2005: http://www.mail-archive.com/freebsd-pf@freebsd.org/msg00804.html), but I haven't seen anything new in a while. Almost all discussion I can find suggests to use static-port on the NAT rule entry, but this doesn't seem to be entirely the same thing. Adding static-port will prevent PF from randomizing the source port used for outbound TCP and UDP traffic, but I don't see any mention of it enabling actual Cone behaviour with regards to inbound traffic destined for the now-not-random port. It appears that a NAT table entry, even with the static-port option, will still not accept an inbound packet from external IP B when the NAT rule was originally created for external IP A, which I gather is the main thrust of cone NAT. I understand that cone NAT is a generally terrible and insecure way to do NAT, but game and application developers seem hell-bent on depending on cone NAT behaviour. Is there a way to make it work with PF? Regards, Mike From owner-freebsd-pf@FreeBSD.ORG Thu Apr 5 23:50:38 2012 Return-Path: Delivered-To: freebsd-pf@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 2C6D5106566C for ; Thu, 5 Apr 2012 23:50:38 +0000 (UTC) (envelope-from jasjus.bwi@gmail.com) Received: from mail-wi0-f172.google.com (mail-wi0-f172.google.com [209.85.212.172]) by mx1.freebsd.org (Postfix) with ESMTP id B5AD18FC1A for ; Thu, 5 Apr 2012 23:50:37 +0000 (UTC) Received: by wibhj6 with SMTP id hj6so87963wib.13 for ; Thu, 05 Apr 2012 16:50:31 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:date:message-id:subject:from:to:content-type; bh=X7ebplr/Iu+WyIXnx0SFj9E+sOA+qDS2pzRmDe8Elgs=; b=ydgZYSgUxPBmmw20bMq0BFUpX5lk6PL3Kf0Bfii9l+pGheko3aW/Bvzge5hPwYIMLk RDCuet5v2PmNRoJ3ctdHFCCcQDlRw/DTmqbfVacGlWg18il94IZbjs2YgsF0S4ZlH0GZ QgXo7HzAMeqAevYuXMJMY5FIpirUwRhsBgsxv9LiOLBxP0OS5sQfYNPKWIYd8XdwZjAJ knhqEemP51mxahtsNXqqbbm9hbUKm78YgIjzxaZxMqUjY6bUcSEQFOI0MPPlcnjg57Mt D96DSab7CApk1o9AdQwu407spuLOLLzzD2ElVYwej/BRi8/fXpHiimx5Hr2hXO9Sld7c jbAw== MIME-Version: 1.0 Received: by 10.180.97.4 with SMTP id dw4mr15221788wib.18.1333669831186; Thu, 05 Apr 2012 16:50:31 -0700 (PDT) Received: by 10.216.3.5 with HTTP; Thu, 5 Apr 2012 16:50:31 -0700 (PDT) Date: Fri, 6 Apr 2012 07:50:31 +0800 Message-ID: From: just man man To: freebsd-pf@freebsd.org Content-Type: text/plain; charset=ISO-8859-1 X-Content-Filtered-By: Mailman/MimeDel 2.1.5 Subject: nat vlan X-BeenThere: freebsd-pf@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Technical discussion and general questions about packet filter \(pf\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 05 Apr 2012 23:50:38 -0000 How to nat multi vlan in PF in freebsd? thank you From owner-freebsd-pf@FreeBSD.ORG Fri Apr 6 00:16:41 2012 Return-Path: Delivered-To: freebsd-pf@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 08647106564A for ; Fri, 6 Apr 2012 00:16:41 +0000 (UTC) (envelope-from Greg.Hennessy@nviz.net) Received: from mail1.jellyfishnet.co.uk (mail1.jellyfishnet.co.uk [93.91.20.9]) by mx1.freebsd.org (Postfix) with ESMTP id 923F78FC14 for ; Fri, 6 Apr 2012 00:16:40 +0000 (UTC) Received: from pemexhub01.jellyfishnet.co.uk.local (93.91.20.3) by mail1.jellyfishnet.co.uk (93.91.20.9) with Microsoft SMTP Server (TLS) id 8.1.393.1; Fri, 6 Apr 2012 01:15:31 +0100 Received: from PEMEXMBXVS04.jellyfishnet.co.uk.local ([192.168.65.52]) by pemexhub01.jellyfishnet.co.uk.local ([192.168.65.7]) with mapi; Fri, 6 Apr 2012 01:13:10 +0100 From: Greg Hennessy To: just man man , "freebsd-pf@freebsd.org" Date: Fri, 6 Apr 2012 01:15:29 +0100 Thread-Topic: nat vlan Thread-Index: Ac0Tht4olScQxJ4qQPeYU5u/av7RDAAAxbpA Message-ID: <9EB23F6C23A8B6488E8BCC92A48E832616BE0484D0@PEMEXMBXVS04.jellyfishnet.co.uk.local> References: In-Reply-To: Accept-Language: en-US, en-GB Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: acceptlanguage: en-US, en-GB Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 Cc: Subject: RE: nat vlan X-BeenThere: freebsd-pf@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Technical discussion and general questions about packet filter \(pf\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 06 Apr 2012 00:16:41 -0000 Put the vlan interfaces into an interface group and nat that...=20 > -----Original Message----- > From: owner-freebsd-pf@freebsd.org [mailto:owner-freebsd- > pf@freebsd.org] On Behalf Of just man man > Sent: Friday, 6 April 2012 9:51 AM > To: freebsd-pf@freebsd.org > Subject: nat vlan >=20 > How to nat multi vlan in PF in freebsd? >=20 > thank you > _______________________________________________ > freebsd-pf@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-pf > To unsubscribe, send any mail to "freebsd-pf-unsubscribe@freebsd.org" From owner-freebsd-pf@FreeBSD.ORG Sat Apr 7 00:05:47 2012 Return-Path: Delivered-To: freebsd-pf@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 98FFF106566B for ; Sat, 7 Apr 2012 00:05:47 +0000 (UTC) (envelope-from jasjus.bwi@gmail.com) Received: from mail-wi0-f178.google.com (mail-wi0-f178.google.com [209.85.212.178]) by mx1.freebsd.org (Postfix) with ESMTP id 2309E8FC08 for ; Sat, 7 Apr 2012 00:05:46 +0000 (UTC) Received: by wibhq7 with SMTP id hq7so748822wib.13 for ; Fri, 06 Apr 2012 17:05:46 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; bh=6rM+8icZFV4Yl15x17cKZ5ApY1uj0fvZh1cA5KtvZNY=; b=YjbpluZFM6vFhyyloAG0pWjdgksVqiErBOo3aGMg8dP4iIyuQs57vF5ufmlSEZ8PYq cPTNy03Rwv7TfTIAi0aJ/T3eij9vrEIle4LUgntCJ/xmBkdLlxRjg0XKav5T3iEWYIwS pqcy9kn4ES/sSEqOT0ODxPN+uA2Y62YG1I8KNlzSUfeuqW37xNLFEFV7wZI+dpMq/ZMI 2y2MmZo3C3+2FfDeFRlN+TVSP+GHqkbAftr+ntp0+BNONBfgN3rMfNrh49N0a6+TGWvl fihwy01c+uQQURuQRpXeSMA6prIks+rvf5Rm2yg6Rz/b9OUrCIXn/M5cGVY+LsLv36BO EwuQ== MIME-Version: 1.0 Received: by 10.180.92.71 with SMTP id ck7mr362502wib.21.1333757146258; Fri, 06 Apr 2012 17:05:46 -0700 (PDT) Received: by 10.216.3.5 with HTTP; Fri, 6 Apr 2012 17:05:46 -0700 (PDT) In-Reply-To: <9EB23F6C23A8B6488E8BCC92A48E832616BE0484D0@PEMEXMBXVS04.jellyfishnet.co.uk.local> References: <9EB23F6C23A8B6488E8BCC92A48E832616BE0484D0@PEMEXMBXVS04.jellyfishnet.co.uk.local> Date: Sat, 7 Apr 2012 08:05:46 +0800 Message-ID: From: just man man To: Greg Hennessy Content-Type: text/plain; charset=ISO-8859-1 X-Content-Filtered-By: Mailman/MimeDel 2.1.5 Cc: "freebsd-pf@freebsd.org" Subject: Re: nat vlan X-BeenThere: freebsd-pf@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Technical discussion and general questions about packet filter \(pf\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 07 Apr 2012 00:05:47 -0000 Thank you, ,do you have tutorial for bandwidth management for IP in vlan. my topology like below: internet ------ main router(pf+freebed)----------router1(pf+freebsd)............VLAN...... my plan: Bandwidth management in main router Nat in router1 Thank you On Fri, Apr 6, 2012 at 8:15 AM, Greg Hennessy wrote: > Put the vlan interfaces into an interface group and nat that... > > > -----Original Message----- > > From: owner-freebsd-pf@freebsd.org [mailto:owner-freebsd- > > pf@freebsd.org] On Behalf Of just man man > > Sent: Friday, 6 April 2012 9:51 AM > > To: freebsd-pf@freebsd.org > > Subject: nat vlan > > > > How to nat multi vlan in PF in freebsd? > > > > thank you > > _______________________________________________ > > freebsd-pf@freebsd.org mailing list > > http://lists.freebsd.org/mailman/listinfo/freebsd-pf > > To unsubscribe, send any mail to "freebsd-pf-unsubscribe@freebsd.org" > From owner-freebsd-pf@FreeBSD.ORG Sat Apr 7 02:57:23 2012 Return-Path: Delivered-To: pf@FreeBSD.ORG Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 0A6B31065670 for ; Sat, 7 Apr 2012 02:57:23 +0000 (UTC) (envelope-from gkiogora@Ndovu.stratechkenya.com) Received: from Ndovu.stratechkenya.com (stratechkenya.stratechkenya.com [50.23.8.190]) by mx1.freebsd.org (Postfix) with ESMTP id CB8E68FC0C for ; Sat, 7 Apr 2012 02:57:22 +0000 (UTC) Received: from gkiogora by Ndovu.stratechkenya.com with local (Exim 4.77) (envelope-from ) id 1SGKuY-00045V-6J for pf@FreeBSD.ORG; Sat, 07 Apr 2012 04:57:30 +0300 To: pf@FreeBSD.ORG X-PHP-Script: webmasters.co.ke/mailer/cron.php for 41.81.244.225 Date: Sat, 07 Apr 2012 04:57:54 +0300 From: OFFDOCS (EA) Limited X-Mailer: PHP-EMAIL,v2.0 (wmfwlr AT cogeco DOT ca) MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="--6ffa044fe86a56f08122941f6187a2b7" Message-Id: X-AntiAbuse: This header was added to track abuse, please include it with any abuse report X-AntiAbuse: Primary Hostname - Ndovu.stratechkenya.com X-AntiAbuse: Original Domain - freebsd.org X-AntiAbuse: Originator/Caller UID/GID - [2338 32008] / [47 12] X-AntiAbuse: Sender Address Domain - Ndovu.stratechkenya.com X-Source: X-Source-Args: X-Source-Dir: Cc: Subject: Human Resources,Business & Legal Document Templates X-BeenThere: freebsd-pf@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Technical discussion and general questions about packet filter \(pf\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 07 Apr 2012 02:57:23 -0000 ----6ffa044fe86a56f08122941f6187a2b7 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 8bit You can now download hundreds of business forms, templates, and contracts online today. Find documents for almost every kind of business such as; - Purchase orders, - Partnership agreements, - Loan agreements, applications, - Bill of sale. You can also browse our list by popular categories such as; - Marketing - Legal - Finance - Real estate Purchase these affordable off-the-shelf documents if you are starting a business,you already are in business, or if you are just looking at your options to get to the next level. Experts in this field professionally prepared all these documents.Please consider that these documents will protect your business and assist you in fulfilling your legal obligations in line with best practice. For more information visit http://www.offdocs.com or email sales@offdocs.com Regards; Sales Team OFFDOCS LIMITED M: +254-721-351269 T: +254-20-313770 Hamilton House, Kaunda St. 2nd Floor, Suite 3, P.O. Box 18534 - 00100 Nairobi - Kenya ------------------------------------------------------------------------------------------------------------------------------------------------------ DISCLAIMER: This email and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. If you have received this email in error please notify admin@offdocs.com. This message contains confidential information and is intended only for the individual named. If you are not the intended recipient, please notify the sender immediately,delete this Message and do not disclose, distribute or copy it to any third party or otherwise use this Message.
Click the link below to unsubscribe from our mailing list
http://www.webmasters.co.ke/mailer/unsub.php?id=80466&t=1333761294&cid=21 ----6ffa044fe86a56f08122941f6187a2b7-- From owner-freebsd-pf@FreeBSD.ORG Sat Apr 7 05:02:37 2012 Return-Path: Delivered-To: freebsd-pf@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 4878E106566C for ; Sat, 7 Apr 2012 05:02:37 +0000 (UTC) (envelope-from artemrts@ukr.net) Received: from ffe15.ukr.net (ffe15.ukr.net [195.214.192.50]) by mx1.freebsd.org (Postfix) with ESMTP id E9DF18FC12 for ; Sat, 7 Apr 2012 05:02:36 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=ukr.net; s=ffe; h=Date:Message-Id:From:To:References:In-Reply-To:Subject:Cc:Content-Type:Content-Transfer-Encoding:MIME-Version; bh=Hq1X/VMNbhIs9vn+viC9Q/2SW30r3Aq3RjxLRBqsE1E=; b=sIbxeuomXW5qS9dhdRT9xtn+5+TEH7GpBQ/3riTzmFZ2nSEu29/H7ddKHTrESsApqj/k7IMgexb1B/dZI2jgMpHVN4ns3+s+NjahfdgZMS2/lGLcyoNSuQZalN0hV8GYSvnVq4vaYj7aD0sCAvPNtuQo7M4prFxe7RyIs4M3rAI=; Received: from mail by ffe15.ukr.net with local ID 1SGNnC-000GSA-5h ; Sat, 07 Apr 2012 08:02:30 +0300 MIME-Version: 1.0 Content-Disposition: inline Content-Transfer-Encoding: binary Content-Type: text/plain; charset="windows-1251" In-Reply-To: References: <9EB23F6C23A8B6488E8BCC92A48E832616BE0484D0@PEMEXMBXVS04.jellyfishnet.co.uk.local> To: "just man man" From: "wishmaster" X-Mailer: freemail.ukr.net 4.0 X-Originating-Ip: [195.200.251.89] Message-Id: <62491.1333774950.2235850529908850688@ffe15.ukr.net> X-Browser: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:11.0) Gecko/20100101 Firefox/11.0 Date: Sat, 07 Apr 2012 08:02:30 +0300 Cc: Greg Hennessy , "freebsd-pf@freebsd.org" Subject: Re: nat vlan X-BeenThere: freebsd-pf@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Technical discussion and general questions about packet filter \(pf\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 07 Apr 2012 05:02:37 -0000 --- Original message --- From: "just man man" To: "Greg Hennessy" Date: 7 April 2012, 03:06:10 Subject: Re: nat vlan > Thank you, ,do you have tutorial for bandwidth management for IP in vlan. Some googling, man 5 pf.conf, man 4 altq, examples in /usr/share/examples/pf, official FAQ on OpenBSD.org. > my topology like below: > > internet ------ main > router(pf+freebed)----------router1(pf+freebsd)............VLAN...... > > my plan: > Bandwidth management in main router > Nat in router1 > > Thank you > > > On Fri, Apr 6, 2012 at 8:15 AM, Greg Hennessy wrote: > > > Put the vlan interfaces into an interface group and nat that... > > > > > -----Original Message----- > > > From: owner-freebsd-pf@freebsd.org [mailto:owner-freebsd- > > > pf@freebsd.org] On Behalf Of just man man > > > Sent: Friday, 6 April 2012 9:51 AM > > > To: freebsd-pf@freebsd.org > > > Subject: nat vlan > > > > > > How to nat multi vlan in PF in freebsd? > > > > > > thank you > > > _______________________________________________ > > > freebsd-pf@freebsd.org mailing list > > > http://lists.freebsd.org/mailman/listinfo/freebsd-pf > > > To unsubscribe, send any mail to "freebsd-pf-unsubscribe@freebsd.org" > > > _______________________________________________ > freebsd-pf@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-pf > To unsubscribe, send any mail to "freebsd-pf-unsubscribe@freebsd.org"