Date: Tue, 30 May 2017 20:05:19 +0200 From: Kajetan Staszkiewicz <vegeta@tuxpowered.net> To: "Bjoern A. Zeeb" <bzeeb-lists@lists.zabbadoz.net> Cc: freebsd-pf@freebsd.org Subject: Re: pf not checking traffic from tunnels Message-ID: <2427866.HH9brvnEOx@energia> In-Reply-To: <E08E37F7-F5E3-4079-8A1D-5126AADF1B8A@lists.zabbadoz.net> References: <1853600.RL7SYQSJBX@energia> <E08E37F7-F5E3-4079-8A1D-5126AADF1B8A@lists.zabbadoz.net>
next in thread | previous in thread | raw e-mail | index | archive | help
[-- Attachment #1 --] Dnia wtorek, 30 maja 2017 16:22:05 CEST Bjoern A. Zeeb pisze: > On 30 May 2017, at 16:17, Kajetan Staszkiewicz wrote: > > Is there any option to check from userspace if the gif interface has > > pf > > attached in netpfil hook for incoming traffic? Running tcpdump on gif > > interface correctly shows incoming icmp echo request. > > What you want to read is > man 4 enc > I think. That was close but not really :) Proper lecture was man 4 ipsec and this switch: net.inet.ipsec.filtertunnel -- | pozdrawiam / greetings | powered by Debian, FreeBSD and CentOS | | Kajetan Staszkiewicz | jabber,email: vegeta()tuxpowered net | | Vegeta | www: http://vegeta.tuxpowered.net | `------------------------^---------------------------------------' [-- Attachment #2 --] -----BEGIN PGP SIGNATURE----- iF0EABECAB0WIQSOEQZObv2B8mf0JbnjtFCvbXs6FAUCWS20XwAKCRDjtFCvbXs6 FBdPAJ4wIRW4A5G8X3eoeNloa/k74CPELACgvsDPUuEKSj2zIY0JXjEGG0ZNDEU= =ImwS -----END PGP SIGNATURE-----
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?2427866.HH9brvnEOx>