Date: Thu, 16 Sep 2004 04:02:53 -0000 From: "Amir S." <amir@boom.org.il> To: pf4freebsd@freelists.org Subject: [pf4freebsd] Re: nat dynamic ip interface Message-ID: <20040316102959.GA20599@active.ath.cx> In-Reply-To: <20040316101632.GA79257@router.laiers.local> References: <20040316085734.GA40180@active.ath.cx> <20040316101632.GA79257@router.laiers.local>
next in thread | previous in thread | raw e-mail | index | archive | help
On Tue, Mar 16, 2004 at 11:16:32AM +0100, Max Laier wrote:
>
>On Tue, Mar 16, 2004 at 10:57:34AM +0200, Amir S. wrote:
>> pass out on $adsl_if proto tcp all modulate state flags S/SA group wheel
>> pass out on $adsl_if proto { udp, icmp } all keep state group wheel
>
>This seems bogus as there should not be any ip traffic on $adsl_if. All
>traffic there should be encapsulated inside of PPPoE packets. Take a look at
>the counters to see if these rules are matched at all. (pfctl -vsr)
I'm using those rules to allow access from my machine to the adsl modem.
my adsl modem provides web, telnet access for status, reboot, etc.
--
Amir.
-- Attached file included as plaintext by Ecartis --
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (FreeBSD)
iD8DBQFAVtcn6GJjqfuvOIgRAtU3AJ48xHIgZt0iDryF7YpbTXLKztMBSgCfeDkm
EvNFcjP+1dTwF4wB6VP+JQg=
=/+O6
-----END PGP SIGNATURE-----
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20040316102959.GA20599>