From owner-freebsd-net@FreeBSD.ORG Tue Apr 17 18:26:53 2007 Return-Path: X-Original-To: freebsd-net@freebsd.org Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 7B5CC16A400 for ; Tue, 17 Apr 2007 18:26:53 +0000 (UTC) (envelope-from bill.marquette@gmail.com) Received: from ug-out-1314.google.com (ug-out-1314.google.com [66.249.92.175]) by mx1.freebsd.org (Postfix) with ESMTP id 126EF13C483 for ; Tue, 17 Apr 2007 18:26:52 +0000 (UTC) (envelope-from bill.marquette@gmail.com) Received: by ug-out-1314.google.com with SMTP id 71so200060ugh for ; Tue, 17 Apr 2007 11:26:51 -0700 (PDT) DKIM-Signature: a=rsa-sha1; c=relaxed/relaxed; d=gmail.com; s=beta; h=domainkey-signature:received:received:message-id:date:from:to:subject:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; b=RYSoHNttssOzb65ibbjPX1AqhPNIag8rMmQp7+HismnrvgfTS/OVo9yA7WZnFf0nLcXtG50wh+0GzrMK129IwMA/ERBV2WnFqTiFOq2knuftP2twpixQ94BsYoDhKCLpQEQPXgpkHXnJYmygSeGSfhCbc6OjHdef3M9ZwcLg2DM= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=beta; h=received:message-id:date:from:to:subject:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; b=IzDARmme0OW3pNd0KiUFU7yloVo8QaR8Ff4KqBBUyML9FoYsTZH2UFznPdr89bmuXOVMw1B0gtTXGTxOsHmgfiI6BVHd/V060R+r9hjEw8pz35382EnbS1m8DBepVJJtLFzBXeeZseXzT36el/D7UDnCHVve3aNOQP3V8rBiOBU= Received: by 10.67.97.7 with SMTP id z7mr655167ugl.1176832829535; Tue, 17 Apr 2007 11:00:29 -0700 (PDT) Received: by 10.67.48.2 with HTTP; Tue, 17 Apr 2007 11:00:29 -0700 (PDT) Message-ID: <55e8a96c0704171100v2222eed4g606a8f5f25f2c06b@mail.gmail.com> Date: Tue, 17 Apr 2007 13:00:29 -0500 From: "Bill Marquette" To: freebsd-net@freebsd.org In-Reply-To: <55e8a96c0704171025n4a3a8893s912886f6cfd7b36a@mail.gmail.com> MIME-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Content-Disposition: inline References: <55e8a96c0704171025n4a3a8893s912886f6cfd7b36a@mail.gmail.com> Subject: Fwd: ng_tag and pf? X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 17 Apr 2007 18:26:53 -0000 Forwarding to -net to get a larger audience. Any help would be appreciated. Thanks --Bill ---------- Forwarded message ---------- From: Bill Marquette Date: Apr 17, 2007 12:25 PM Subject: ng_tag and pf? To: "freebsd-pf@freebsd.org" Is it possible to use ng_tag in conjunction with pf? I have a setup in OpenBSD currently where I use the bridge interface to apply a tag to a packet based on the mac address so that when pf gets the packet it can apply a reply-to rule to it to keep traffic flows symmetric (the upstream device(s) also keep state, so the reply path has to be the same). I'm looking to duplicate this in FreeBSD with pf and I think ng_tag and maybe ng_bpf can make this happen, but I'm at a bit of a loss as to how at this point. Any pointers or at least a "yes it's absolutely possible, figure it out and let us know the exact config" answer would be very much appreciated. Thanks --Bill