From: "Melameth, Daniel D."
To: "Pejman Moghadam"
Cc: pf@benzedrine.cx, freebsd-pf@freebsd.org
Subject: RE: pinging same host on the internet from two different LAN stations
Date: Wed, 27 Jul 2005 19:09:05 -0400

Pejman Moghadam wrote:
> Melameth, Daniel D. wrote:
> > FWIW, while I haven't looked into this in detail, it appears Windows
> > clients always use the same ICMP ID--512...
>
> I think this is right, because of this state entry:
>
> self icmp 192.168.1.18:512 -> 1.2.3.4:512 -> 192.9.9.3:512 0:0
>
> but I don't have any problem with Windows clients when I use ipfw in
> FreeBSD or even iptables in Linux.
> Why is the same ICMP ID (512) so important for PF? How can I deal with
> that?

I don't know the specifics of any of these other packet filters and haven't looked at any code, but I'd speculate that ipfw and iptables are proxying these ICMP IDs in some capacity similar to the way TCP ports are proxied and pf is just using the ICMP ID that is provided by the client. Then again, I could be very wrong.

Danny
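
A toy model of the hypothesis in this message, added here as an example; it is not part of the original post and is not pf, ipfw or iptables code. It compares a NAT state table that passes the client's ICMP ID through with one that rewrites it the way TCP ports are rewritten. Assumptions: the second LAN address 192.168.1.19, the ID pool starting at 1024, all class and function names, and the choice to refuse the second state when keys collide.

```python
# Toy model of a NAT gateway's ICMP echo state table. This is not pf, ipfw
# or iptables code; it only illustrates the hypothesis in the message above.
from itertools import count

GATEWAY = "1.2.3.4"      # external address from the quoted state entry
TARGET = "192.9.9.3"     # pinged host from the quoted state entry


class IcmpNat:
    def __init__(self, rewrite_id):
        self.rewrite_id = rewrite_id  # True: proxy the ICMP ID like a TCP port
        self.by_wire = {}             # (gateway, ext_id, dst) -> (lan_ip, lan_id)
        self.by_lan = {}              # (lan_ip, lan_id, dst) -> ext_id
        self._pool = count(1024)      # constructed pool of external IDs

    def outbound(self, lan_ip, lan_id, dst):
        """Echo request leaving the LAN: return the ID put on the wire,
        or None when the state key is already owned by another host."""
        flow = (lan_ip, lan_id, dst)
        if flow in self.by_lan:       # later packets of the same ping reuse state
            return self.by_lan[flow]
        ext_id = next(self._pool) if self.rewrite_id else lan_id
        key = (GATEWAY, ext_id, dst)
        if key in self.by_wire:       # same ID, same target, different LAN host
            return None
        self.by_wire[key] = (lan_ip, lan_id)
        self.by_lan[flow] = ext_id
        return ext_id

    def inbound(self, src, ext_id):
        """Echo reply arriving at the gateway: return (lan_ip, lan_id) or None."""
        return self.by_wire.get((GATEWAY, ext_id, src))


def two_windows_clients(rewrite_id):
    """Two LAN hosts that both use ICMP ID 512 ping the same target."""
    nat = IcmpNat(rewrite_id)
    hosts = ["192.168.1.18", "192.168.1.19"]   # second host is constructed
    wire_ids = [nat.outbound(h, 512, TARGET) for h in hosts]
    owners = [nat.inbound(TARGET, i) if i is not None else None for i in wire_ids]
    return wire_ids, owners


if __name__ == "__main__":
    print("ID passed through:", two_windows_clients(rewrite_id=False))
    print("ID rewritten:     ", two_windows_clients(rewrite_id=True))
```

With the ID passed through, both clients map to the same key (1.2.3.4, 512, 192.9.9.3), so only the first has a state that replies can match; with rewriting, each client gets its own key.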