Date: Wed, 3 Sep 2008 23:10:54 -0700 From: Jeremy Chadwick <koitsu@FreeBSD.org> To: Peter Wullinger <peter.wullinger@googlemail.com> Cc: Guido van Rooij <guido@gvr.org>, freebsd-pf@freebsd.org Subject: Re: keeping state on outgoing connections fails (?) Message-ID: <20080904061054.GA4131@icarus.home.lan> In-Reply-To: <20080903161759.GA2761@kaliope.home> References: <20080903110943.GA25396@gvr.gvr.org> <20080903152632.GA89687@icarus.home.lan> <20080903161759.GA2761@kaliope.home>
next in thread | previous in thread | raw e-mail | index | archive | help
On Wed, Sep 03, 2008 at 06:17:59PM +0200, Peter Wullinger wrote: > I'll reply to Jeremy, since his answer somehow confused me. > > In epistula a Jeremy Chadwick, die horaque Wed Sep 3 17:26:32 2008: > > I'm a bit confused by these rules and your network configuration. > > Rule #1 allows any packet with a source address of 1.2.3.1, arriving on > > the ep0 interface, destined to 10.0.0.2. How exactly are packets > > arriving on ep0 (which is bound to 1.2.3.0/24) with a destination of > > 10.0.0.2 in the first place? That seems strange. Is your gateway on > > your network blindly forwarding packets between networks or something? > > Or is this FreeBSD box acting *as* a gateway? > > It seems to be a gateway, forwarding packets. What exactly do you find > strange? Have I missed something? Sorry for confusing you -- if it's a gateway, the OP needed to state such. I can't assume it's a gateway, because in this day and age people try to do crazy things with networks, especially with bridging. If it's a gateway, there's nothing strange about it. If it isn't a gateway, I can't see how any of the above would work. -- | Jeremy Chadwick jdc at parodius.com | | Parodius Networking http://www.parodius.com/ | | UNIX Systems Administrator Mountain View, CA, USA | | Making life hard for others since 1977. PGP: 4BD6C0CB |
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20080904061054.GA4131>