On Sun, Jun 13, 2010 at 12:36:52PM +1000, Rod Whitworth wrote:
> The rule:
> pass in on $int_if inet proto tcp to any port ftp \
> rdr-to 127.0.0.1 port 8021
>
> in the example ruleset on http://www.openbsd.org/faq/pf/example1.html
> does not work for active ftp from NATted hosts.
>
> There a
Is there some reason that divert sockets (``man divert'') can't do
this for you?
On Sun, Jun 13, 2010 at 03:27:57AM +0400, Vadim Jukov wrote:
> Hello, tech@, especially PF hackers!
>
> This is a work-in-progress patch that implements direct packet inspection
> in PF. This is needed in the cases
The rule:
pass in on $int_if inet proto tcp to any port ftp \
rdr-to 127.0.0.1 port 8021
in the example ruleset on http://www.openbsd.org/faq/pf/example1.html
does not work for active ftp from NATted hosts.
There are three solutions which all work.
A> make it "pass in quick ."
B> move th
Hello, tech@, especially PF hackers!
This is a work-in-progress patch that implements direct packet inspection
in PF. This is needed in the cases when traffic could not be easily
detected by other mechanisms. The actual example is new UDP-based
protocol of uTorrent program that spams networks h
Hi,
The following will disregard the routing table for multicast packets
when the application chose the interface with IP_MULTICAST_IF, if not,
normal lookup will take place.
Ripd now no longer needs to explicitly add the mcast host route to
bypass the default reject to 224/4, follows the diff to
