Date: Wed, 04 Jan 2023 19:32:00 +0000 From: bugzilla-noreply@freebsd.org To: bugs@FreeBSD.org Subject: [Bug 267278] ipfw mask addr:mask syntax creates wrong rule Message-ID: <bug-267278-227-JWJy1fUzGF@https.bugs.freebsd.org/bugzilla/> In-Reply-To: <bug-267278-227@https.bugs.freebsd.org/bugzilla/> References: <bug-267278-227@https.bugs.freebsd.org/bugzilla/>
next in thread | previous in thread | raw e-mail | index | archive | help
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D267278 --- Comment #6 from Andrey V. Elsukov <ae@FreeBSD.org> --- (In reply to Marek Zarychta from comment #5) > My concern is the requirement to set net.inet.ip.fw.one_pass=3D0, but pro= bably > without this setting dummynet and nat64lsn aren't supposed to work togeth= er,=20 > is that right? When you use nat64_direct_output, nat64 module will send translated packet directly and dummynet will be unable to catch it for scheduling. When you use dummynet+onepass, a packet after scheduling will have IPFW_ONE= PASS flag. This means it will be explicitly accepted without passing through firewall rules when you plan it to be translated. --=20 You are receiving this mail because: You are the assignee for the bug.=
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-267278-227-JWJy1fUzGF>