Date: Wed, 4 Jan 2012 08:30:16 -0800 From: Michael Sierchio <kudzu@tenebras.com> To: Edward Carrel <azanar@carrel.org> Cc: Damien Fleuriot <ml@my.gd>, "freebsd-questions@freebsd.org" <freebsd-questions@freebsd.org>, Da Rock <freebsd-questions@herveybayaustralia.com.au> Subject: Re: pf not seeing inbound packets on netgraph interface Message-ID: <CAHu1Y72jNNXMg_HgiwA4=5Va=huduErZL6=gHTgCcymj77j1AA@mail.gmail.com> In-Reply-To: <7999DEBF-0F29-4F94-8A69-942176004C4E@carrel.org> References: <CAC6u2XeLijriLrYgiUf32BMLzYF-uza18c_e9Rk9jXmxe0fW2w@mail.gmail.com> <4F02AC09.6080005@herveybayaustralia.com.au> <20492D60-81BE-43A1-BCE1-594F5715ABF6@my.gd> <7999DEBF-0F29-4F94-8A69-942176004C4E@carrel.org>
next in thread | previous in thread | raw e-mail | index | archive | help
man 4 enc On Tue, Jan 3, 2012 at 8:30 PM, Edward Carrel <azanar@carrel.org> wrote: > On Jan 3, 2012, at 12:12 AM, Damien Fleuriot wrote: > >> Thinking -pf@ or -net@ would be a better place to discuss this, more chances of getting an answer. > > I was wondering about that. I'll send my question to -net@ to start. Thanks. > >> Out of curiosity why not use a gif interface ? >> I had that working just fine with racoon and was able to actually firewall traffic on it with PF, iirc. > > From what I understand of gif interfaces, they are useful when IPSec is handling the tunnel pretty much end-to-end, and just needs a passthrough interface to direct traffic to and from. If I am wrong about this, please let me know. > > The reason why I'm using netgraph instead is because the LNS is not run by me, and there is no other way of connecting to the other end but via L2TP/IPSec. > > If there is a way to use L2TP, and leverage a gif interface to complete the loop on my end, I'd be interested to hear about it. > > Thanks, > > Ed Carrel_______________________________________________ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.org"
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CAHu1Y72jNNXMg_HgiwA4=5Va=huduErZL6=gHTgCcymj77j1AA>