[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Skipping interfaces in pf [was: pf filtering on loopback?]

To: tech_(_at_)_openbsd_(_dot_)_org
Subject: Skipping interfaces in pf [was: pf filtering on loopback?]
From: "Alexey E. Suslikov" <cruel_(_at_)_texnika_(_dot_)_com_(_dot_)_ua>
Date: Tue, 21 Dec 2004 22:35:38 +0200
Reply-to: "Alexey E. Suslikov" <cruel_(_at_)_texnika_(_dot_)_com_(_dot_)_ua>

Henning Brauer wrote:

> * Max Laier <max_(_at_)_love2party_(_dot_)_net> [2004-12-20 01:17]:
>> There have been some, but none suggested that it is a stupid idea. Daniel even 
>> stated support (if I understand correctly?). Is there anything going on or 
>> has this just been forgotten about?
>> I'd really like to see it happening.
> 
> I actually have this somewhere on my virtual todo since 2002.
> 
> On the other hand, in each and every situation I could live without 
> just fine yet.

i think, everyone can live without "nat pass" too: by specifying
"nat" and "pass" rules separately.

but you have added "nat pass", because it makes ruleset less
redundant and more readable (see link below).

http://marc.theaimsgroup.com/?l=openbsd-cvs&m=105731547517046&w=2

now, we have the equal situation: feature is light, low cost and
making ruleset less redundant and more readable.

Max didn't moan. Max did this hack. Henning, why do you resist? :)

Prev by Date: OpenBSD/NetSNMP & OpenView NNM
Next by Date: Possible NFS alternative - AFS ?
Previous by thread: Re: Skipping interfaces in pf [was: pf filtering on loopback?]
Next by thread: Re: ksh file name completion oddity / ksh cleanup question
Index(es):
- Date
- Thread

Visit your host, monkey.org