From owner-freebsd-pf@FreeBSD.ORG Thu May 9 12:29:57 2013 Return-Path: Delivered-To: freebsd-pf@freebsd.org Received: from mx1.freebsd.org (mx1.FreeBSD.org [8.8.178.115]) by hub.freebsd.org (Postfix) with ESMTP id A070A620 for ; Thu, 9 May 2013 12:29:57 +0000 (UTC) (envelope-from peter@bsdly.net) Received: from skapet.bsdly.net (cl-426.sto-01.se.sixxs.net [IPv6:2001:16d8:ff00:1a9::2]) by mx1.freebsd.org (Postfix) with ESMTP id 5352E365 for ; Thu, 9 May 2013 12:29:57 +0000 (UTC) Received: from sonofskinny.bsdly.net ([192.168.103.254] helo=deeperthought.bsdly.net) by skapet.bsdly.net with esmtp (Exim 4.77) (envelope-from ) id 1UaPyr-0000de-7Z; Thu, 09 May 2013 14:29:53 +0200 From: peter@bsdly.net (Peter N. M. Hansteen) To: freebsd-pf@freebsd.org Subject: Re: packet tagging References: <1368097169.74234.YahooMailNeo@web162701.mail.bf1.yahoo.com> Date: Thu, 09 May 2013 14:29:52 +0200 In-Reply-To: <1368097169.74234.YahooMailNeo@web162701.mail.bf1.yahoo.com> (Nomad Esst's message of "Thu, 9 May 2013 03:59:29 -0700 (PDT)") Message-ID: <878v3obakf.fsf@deeperthought.bsdly.net> User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/24.2 (berkeley-unix) MIME-Version: 1.0 Content-Type: text/plain X-BeenThere: freebsd-pf@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: "Technical discussion and general questions about packet filter \(pf\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 09 May 2013 12:29:57 -0000 Nomad Esst writes: > Should the system act as a bridge in order to do the tagging or is it > (bridge) just used to do the tagging regardless of the system rule? You can tag packets on incoming and filter on the tags later in your ruleset in non-bridge configurations too. But of course bridges have their own tagging and filtering facilities that may be combined with PF features. -- Peter N. M. Hansteen, member of the first RFC 1149 implementation team http://bsdly.blogspot.com/ http://www.bsdly.net/ http://www.nuug.no/ "Remember to set the evil bit on all malicious network traffic" delilah spamd[29949]: 85.152.224.147: disconnected after 42673 seconds.