Hello,
> pass in on em0 from v.x.y.z/n to a.b.c.d/m \
> route-to o.p.q.r nat-to (em2)
>
> > then this needs to be converted to two rules:
> >
> > match in on em0 from v.x.y.z/n to a.b.c.d/m nat-to(em2)
> > pass in on em0 from v.x.y.z/n to a.b.c.d/m route-to o.p.q.r
>
On Tue, Feb 02, 2021 at 11:30:12AM +0100, Alexandr Nedvedicky wrote:
> Hello,
>
>
> On Tue, Feb 02, 2021 at 02:52:52PM +1000, David Gwynne wrote:
> >
> > however, like most things relating to route-to/reply-to/dup-to, im
> > pretty sure at this point it's not used a lot, so the impact is minimal
Hello,
On Tue, Feb 02, 2021 at 02:52:52PM +1000, David Gwynne wrote:
>
> however, like most things relating to route-to/reply-to/dup-to, im
> pretty sure at this point it's not used a lot, so the impact is minimal.
> a lot of changes in this space have already been made, so adding another
> simp
On Tue, Feb 02, 2021 at 02:52:52PM +1000, David Gwynne wrote:
> this is part of a high level discussion about when pf runs against a
> packet. the options are:
>
> 1. pf runs when a packet goes over an interface
> or
> 2. pf runs when a packet enters or leaves the network stack.
>
> for normal pa
this is part of a high level discussion about when pf runs against a
packet. the options are:
1. pf runs when a packet goes over an interface
or
2. pf runs when a packet enters or leaves the network stack.
for normal packet handling there isn't a difference between these
options. in the routing c
