From owner-freebsd-pf@FreeBSD.ORG  Fri Oct 13 21:23:21 2006
Return-Path: <owner-freebsd-pf@FreeBSD.ORG>
X-Original-To: freebsd-pf@freebsd.org
Delivered-To: freebsd-pf@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id B996416A407
	for <freebsd-pf@freebsd.org>; Fri, 13 Oct 2006 21:23:21 +0000 (UTC)
	(envelope-from solinym@gmail.com)
Received: from py-out-1112.google.com (py-out-1112.google.com [64.233.166.183])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 454EC43D60
	for <freebsd-pf@freebsd.org>; Fri, 13 Oct 2006 21:23:20 +0000 (GMT)
	(envelope-from solinym@gmail.com)
Received: by py-out-1112.google.com with SMTP id o67so1228613pye
	for <freebsd-pf@freebsd.org>; Fri, 13 Oct 2006 14:23:19 -0700 (PDT)
DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=beta; d=gmail.com;
	h=received:message-id:date:from:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references;
	b=ttACIH5no3KhDD7l4nk/k2Lf2Cog1amSI8tYLlVB/jO8qtjEuVXQB6IL1xik3IQkf4lzxu1jIXnf7pV/qzHa/d7yR5LMHEqli0h6FFDN1WHQ+D2XfX8HbIRqDVkiNGnFB7RcFReq4AVz1KnaITq1GllUTJ5aQJI8rKhHfN2wmCQ=
Received: by 10.35.119.8 with SMTP id w8mr7364450pym;
	Fri, 13 Oct 2006 14:23:19 -0700 (PDT)
Received: by 10.35.35.8 with HTTP; Fri, 13 Oct 2006 14:23:19 -0700 (PDT)
Message-ID: <d4f1333a0610131423g2bc39694rb8dea6b8a49e3b12@mail.gmail.com>
Date: Fri, 13 Oct 2006 16:23:19 -0500
From: "Travis H." <solinym@gmail.com>
To: "B. Cook" <bcook@poklib.org>
In-Reply-To: <54636.24.161.8.173.1160744143.squirrel@mail.poklib.org>
MIME-Version: 1.0
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
References: <56217.24.161.8.173.1159492654.squirrel@mail.poklib.org>
	<d4f1333a0610130213q21fc91d2v4f82ede3ef562f9d@mail.gmail.com>
	<54636.24.161.8.173.1160744143.squirrel@mail.poklib.org>
Cc: freebsd-pf@freebsd.org
Subject: Re: Transparent proxy with ! and table issues..
X-BeenThere: freebsd-pf@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: "Technical discussion and general questions about packet filter
	\(pf\)" <freebsd-pf.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-pf>,
	<mailto:freebsd-pf-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-pf>
List-Post: <mailto:freebsd-pf@freebsd.org>
List-Help: <mailto:freebsd-pf-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-pf>,
	<mailto:freebsd-pf-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Fri, 13 Oct 2006 21:23:21 -0000

On 10/13/06, B. Cook <bcook@poklib.org> wrote:
> the "no rdr" needed to be before the rdr statements.  It seems that having
> the !<localnets> it would only take the first network and not the second.

Well, I don't think that's the way it was working.

Negated lists don't work as expected (see the FAQ), but your table "noproxy"
had one entry in it and you were negating it, and it appears to work the
way I'd expect.

Perhaps you got confused, or what you posted was not what you were
talking about.

Note that you can put negated items in a table, but avoid negated items
in a list.
-- 
"The obvious mathematical breakthrough would be the development of an
easy way to factor large prime numbers.'' [sic] -- Bill Gates  -><-
<URL:http://www.lightconsulting.com/~travis/>
GPG fingerprint: 9D3F 395A DAC5 5CCC 9066  151D 0A6B 4098 0C55 1484