From owner-freebsd-pf@FreeBSD.ORG  Thu Sep 16 04:02:53 2004
Return-Path: <owner-freebsd-pf@FreeBSD.ORG>
Delivered-To: freebsd-pf@freebsd.org
Received: by hub.freebsd.org (Postfix, from userid 674)
	id 37F7816A4D0; Thu, 16 Sep 2004 04:02:53 +0000 (GMT)
Delivered-To: mlaier@vampire.homelinux.org
Received: (qmail 79581 invoked by uid 1005); 16 Mar 2004 10:39:33 -0000
Delivered-To: max@vampire.homelinux.org
Received: (qmail 79578 invoked from network); 16 Mar 2004 10:39:33 -0000
Received: from moutng.kundenserver.de (212.227.126.189)
  by pd95300c5.dip.t-dialin.net with SMTP; 16 Mar 2004 10:39:33 -0000
Received: from [212.227.126.147] (helo=mxng04.kundenserver.de)
	by moutng.kundenserver.de with esmtp (Exim 3.35 #1)
	id 1B3BsU-0004df-00
	for max@vampire.homelinux.org; Tue, 16 Mar 2004 11:32:54 +0100
Received: from [206.53.239.180] (helo=turing.freelists.org)
	by mxng04.kundenserver.de with esmtp (Exim 3.35 #1)
	id 1B3BsQ-0001M6-00
	for max@love2party.net; Tue, 16 Mar 2004 11:32:50 +0100
Received: from turing (localhost [127.0.0.1])ESMTP
	id 043E7390ECF; Tue, 16 Mar 2004 05:26:54 -0500 (EST)
Received: with ECARTIS (v1.0.0; list pf4freebsd);
	Tue, 16 Mar 2004 05:26:41 -0500 (EST)
X-Original-To: pf4freebsd@freelists.org
Delivered-To: pf4freebsd@freelists.org
Received: from napo.bezeqint.net (napo.bezeqint.net [192.115.104.9])
	ESMTP id B1D2139081A
	for <pf4freebsd@freelists.org>; Tue, 16 Mar 2004 05:26:38 -0500 (EST)
Received: from napo.bezeqint.net (localhost [127.0.0.1])
	SMTP id E806514C194
	for <pf4freebsd@freelists.org>; Tue, 16 Mar 2004 12:31:35 +0200 (IST)
Received: from active.ath.cx ([IP=212.179.184.244]) by eSafe SMTP Relay
	1079396485; Tue Mar 16 12:30:12 2004
Received: from localhost (localhost.active.ath.cx [127.0.0.1])
	by active.ath.cx (Postfix) with ESMTP id C56235C78
	for <pf4freebsd@freelists.org>; Tue, 16 Mar 2004 12:30:11 +0200 (IST)
Received: from active.ath.cx ([127.0.0.1])
 by localhost (active.ath.cx [127.0.0.1]) (amavisd-new, port 10024) with ESMTP
 id 06206-05 for <pf4freebsd@freelists.org>;
 Tue, 16 Mar 2004 12:30:01 +0200 (IST)
Received: by active.ath.cx (Postfix, from userid 1000)
	id B4E395C80; Tue, 16 Mar 2004 12:30:00 +0200 (IST)
From: "Amir S." <amir@boom.org.il>
To: pf4freebsd@freelists.org
Message-ID: <20040316102959.GA20599@active.ath.cx>
References: <20040316085734.GA40180@active.ath.cx>
	<20040316101632.GA79257@router.laiers.local>
Mime-Version: 1.0
Content-type: text/plain
Content-Disposition: inline
In-Reply-To: <20040316101632.GA79257@router.laiers.local>
User-Agent: Mutt/1.4.2.1i
X-Virus-Scanned: by amavisd-new at active.ath.cx
X-archive-position: 291
X-ecartis-version: Ecartis v1.0.0
Sender: pf4freebsd-bounce@freelists.org
Errors-To: pf4freebsd-bounce@freelists.org
X-original-sender: amir@boom.org.il
Precedence: normal
X-list: pf4freebsd
Content-Transfer-Encoding: quoted-printable
X-Provags-Forward: max@love2party.net -> max@vampire.homelinux.org
X-UID: 409
X-Length: 4043
X-Mailman-Approved-At: Thu, 16 Sep 2004 04:04:43 +0000
Subject: [pf4freebsd] Re: nat dynamic ip interface
X-BeenThere: freebsd-pf@freebsd.org
X-Mailman-Version: 2.1.1
Reply-To: pf4freebsd@freelists.org
List-Id: Technical discussion and general questions about packet filter (pf)
	<freebsd-pf.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-pf>,
	<mailto:freebsd-pf-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-pf>
List-Post: <mailto:freebsd-pf@freebsd.org>
List-Help: <mailto:freebsd-pf-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-pf>,
	<mailto:freebsd-pf-request@freebsd.org?subject=subscribe>
Date: Thu, 16 Sep 2004 04:02:53 -0000
X-Original-Date: Tue, 16 Mar 2004 12:29:59 +0200
X-List-Received-Date: Thu, 16 Sep 2004 04:02:53 -0000

On Tue, Mar 16, 2004 at 11:16:32AM +0100, Max Laier wrote:
>
>On Tue, Mar 16, 2004 at 10:57:34AM +0200, Amir S. wrote:
>> pass out on $adsl_if proto tcp all modulate state flags S/SA group whe=
el
>> pass out on $adsl_if proto { udp, icmp } all keep state group wheel
>
>This seems bogus as there should not be any ip traffic on $adsl_if. All
>traffic there should be encapsulated inside of PPPoE packets. Take a loo=
k at
>the counters to see if these rules are matched at all. (pfctl -vsr)
I'm using those rules to allow access from my machine to the adsl modem.

my adsl modem provides web, telnet access for status, reboot, etc.

--=20
	Amir.


-- Attached file included as plaintext by Ecartis --

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (FreeBSD)

iD8DBQFAVtcn6GJjqfuvOIgRAtU3AJ48xHIgZt0iDryF7YpbTXLKztMBSgCfeDkm
EvNFcjP+1dTwF4wB6VP+JQg=3D
=3D/+O6
-----END PGP SIGNATURE-----