From owner-freebsd-net@freebsd.org  Mon Dec 19 21:01:53 2016
Return-Path: <owner-freebsd-net@freebsd.org>
Delivered-To: freebsd-net@mailman.ysv.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org
 [IPv6:2001:1900:2254:206a::19:1])
 by mailman.ysv.freebsd.org (Postfix) with ESMTP id E9ED5C888D7
 for <freebsd-net@mailman.ysv.freebsd.org>;
 Mon, 19 Dec 2016 21:01:53 +0000 (UTC)
 (envelope-from alarig@swordarmor.fr)
Received: from kaiminus.swordarmor.fr (kaiminus.swordarmor.fr
 [IPv6:2a00:5884:8200:15::1])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (Client did not present a certificate)
 by mx1.freebsd.org (Postfix) with ESMTPS id AF8F217AC
 for <freebsd-net@freebsd.org>; Mon, 19 Dec 2016 21:01:53 +0000 (UTC)
 (envelope-from alarig@swordarmor.fr)
Received: from kaiminus (localhost [IPv6:::1])
 (using TLSv1.2 with cipher ECDHE-RSA-CHACHA20-POLY1305 (256/256 bits))
 (No client certificate requested)
 by kaiminus.swordarmor.fr (Postfix) with ESMTPS id 155CF892C5;
 Mon, 19 Dec 2016 22:01:51 +0100 (CET)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=swordarmor.fr;
 s=default; t=1482181311;
 bh=FEtv9scWT5Z74v7oIxr0A/psENYl/M+pFgxsuAL267c=;
 h=Date:From:To:Cc:Subject:References:In-Reply-To;
 b=LAlYm4PcDA2GimzGZJG+FAAyXDK4SDfRV0ZoVK4EauuzNz4UpDaCpUmWRvVEgZ/KM
 YElw/jJrqFpaiOcsWAuC0ZAwpVXDLqAPpP+r0ie/MiVwj75VXmzPmfNa4XBXvd65oa
 YegKkJsSarYHcI3Sz1qWW0/Sykq7OVD3J6o7n6mg=
Date: Mon, 19 Dec 2016 22:01:51 +0100
From: Alarig Le Lay <alarig@swordarmor.fr>
To: Eugene Grosbein <eugen@grosbein.net>
Cc: freebsd-net@freebsd.org
Subject: Re: Avoid using RFC3927 outside of the link
Message-ID: <20161219210150.mf4cwx3k33x2qbbe@kaiminus>
References: <20161219184617.7yph7isgtgjy4mja@kaiminus>
 <58582C25.7090806@grosbein.net>
 <20161219190506.kc32q7sz3okekup7@kaiminus>
 <58583645.3090502@grosbein.net>
MIME-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-sha256;
 protocol="application/pgp-signature"; boundary="qlo3tw4cmxg455lw"
Content-Disposition: inline
In-Reply-To: <58583645.3090502@grosbein.net>
User-Agent: NeoMutt/20161104 (1.7.1)
X-BeenThere: freebsd-net@freebsd.org
X-Mailman-Version: 2.1.23
Precedence: list
List-Id: Networking and TCP/IP with FreeBSD <freebsd-net.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/freebsd-net>,
 <mailto:freebsd-net-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-net/>
List-Post: <mailto:freebsd-net@freebsd.org>
List-Help: <mailto:freebsd-net-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/freebsd-net>,
 <mailto:freebsd-net-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Mon, 19 Dec 2016 21:01:54 -0000


--qlo3tw4cmxg455lw
Content-Type: text/plain; charset=utf-8
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On Tue Dec 20 02:34:29 2016, Eugene Grosbein wrote:
> Well, you can always use brute force instead:
>=20
> ipfw nat 169 config reset ip 89.234.186.1 && \
> ipfw add 60 nat 169 ip from 169.254.0.0/16 to any out xmit igb0
>=20
> That's ugly but works.

I will work just by side effect: by doing this, I will send BGP packets
=66rom 89.234.186.1, which is an IP than the peer learned by BGP. This will
create a recursive loop, and the session will be shut. So, no more
traffic will transit through this interface, and this IP will not be
displayed anymore :p

--=20
alarig

--qlo3tw4cmxg455lw
Content-Type: application/pgp-signature; name="signature.asc"

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2

iQEcBAEBCAAGBQJYWEq7AAoJEK84SsFrICuI9rIIAIq610fOw3KUonFG+lSBK2Qk
bwu/DysUzJXLWc+0KrfDbuAxb0gtYeQSx/DcRBS234jWbruH1eDd8ODE9zirz88s
PL8FGNA+kiMazUzPucMN+1flqySrS4UL1mPaL4IsO2C5An5jTAa7TciGD4Wlwan+
GZIJm9W/2UZrdg0RI6BZAtdAuaZwOqKhuWmSjL3IuyJh+ATQh5xyCjDFZIezq7MD
5gljHVJiQzwY9rGvSkvvy02Dux3CNvLLrhV5L07K50vchIf0We1pjkuOT4SQwnw0
lok/b8ny/moQv+TVcCMQHM3hPczArMH3h3K5jBjheZwW2h+YkKKRB09M2q2gVKs=
=FfkW
-----END PGP SIGNATURE-----

--qlo3tw4cmxg455lw--