Date: Thu, 27 Sep 2007 20:52:49 +0200 From: Max Laier <max@love2party.net> To: freebsd-pf@freebsd.org Subject: Re: Rule doubt Message-ID: <200709272052.59861.max@love2party.net> In-Reply-To: <94CADB570ACCB0418E8236C8F24BD95C015FB50B@VIRTUALEXCHANGE.corp.com>
index | next in thread | previous in thread | raw e-mail
[-- Attachment #1 --] On Thursday 27 September 2007, David Verzolla wrote: > Hi All, > Its possible creates a rule that can match all the traffic designated > to an specific interface? > > Example: > > pass in on $vlan10 from <vlan10> to (the interface, not the address) > $ext_if I'm not 100% sure what you are after here. The from/to part always takes an address as argument. You can use the "($ext_if)" syntax to dynamically fill in all addresses that are configured on the interface at the moment of evaluation, but you can't directly influence routing decisions. That means you can't write a single rule that says "traffic from $vlan10 must only go to $ext_if". In order to do this, you should take a look at tagging. > The $ext_if:network doesn't works for me. -- /"\ Best regards, | mlaier@freebsd.org \ / Max Laier | ICQ #67774661 X http://pf4freebsd.love2party.net/ | mlaier@EFnet / \ ASCII Ribbon Campaign | Against HTML Mail and News [-- Attachment #2 --] -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.4 (FreeBSD) iD8DBQBG+/wLXyyEoT62BG0RAsoKAJ9DVO4btHwvRTSk31rTQCITS8/kGQCfVOHx /TJQVDUsGNO16IJ4SSE79KI= =LB0O -----END PGP SIGNATURE-----home | help
Want to link to this message? Use this
URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200709272052.59861.max>