[Cc'ed to freebsd-current : I earnestly hope you don't mind Arjan]
On Tue, Feb 01, 2000 at 10:25:46PM +0100, Arjan de Vet wrote:
>
> I'm current using a -current of Jan 22.
>
> >With user PPP on tun0 and kernel PPP on ppp0 there seem to be no
> >problems, so far. If something comes up after tonight's build, I'll let
> >you know.
>
> I just described in another mail to this thread the symptoms I am seeing
> with tun0 and ipfilter. It would be interesting to see whether you could
> reproduce the symptoms.
I saw your mail Arjan. This is what made me try tun0 with ipfilter,
since I'm normally using kernel ppp.
Ok, I'm still using the "world" I built today from sources cvsup'ed last
night (Jan 31 2000). I tried to change the rules to use tun0 instead of
ppp0, and fired up user-ppp manually a few minutes ago.
The rules I use with ipfilter start with:
% cat /etc/ipf.conf
# The rule groups:
pass in on ppp0 all head 10
pass out on ppp0 all head 20
pass in all
...
The only change I had to make to test tun0 was to change ppp0 in the
two first head-lines to tun0. Trying to reproduce what you saw Arjan,
I loaded the rules with `ipf -FA ; ipf -f ipf.conf' before I started
user-ppp. The rules were just there, waiting.
Dialed in and waited a few minutes to see if anything weird happens.
In the meantime, fetchmail woke up and fetched a few mail without a
problem. I visited a few web pages to see if it breaks while I'm
surfing... The rules are still loaded now that I'm writing. The output
of ipfstat (minus some uninteresting rules for filtering 127.0.0.0/8
coming from tun0, etc) looks like:
# ipfstat -hnio | grep -v ^0
139 @1 pass out on tun0 from any to any head 20
83 @1 pass in on tun0 from any to any head 10
385 @2 pass in from any to any
I'm using ppp0 all the time, I just wanted to see if anything strange
happens when switching to tun0. Since it seems to work for me, what is
it that you have observed Arjan? The rules never get hit? The rules
get hit, but they do not work as expected?
--
Giorgos Keramidas, < keramida @ ceid . upatras . gr >
For my public PGP key: finger [EMAIL PROTECTED]
PGP fingerprint, phone and address in the headers of this message.
To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-current" in the body of the message
