On 2014/06/24 15:07, Mike Belopuhov wrote:
> I propose to avoid the confusion by flagging such situations as
> errors, e.g.:
>
> % echo 'pass out nat-to { ::1 1.1.1.1 }' | ./obj/pfctl -o none -vnf -
> stdin:1: translation spec contains addresses with different address families
> stdin:1: skipping rule due to errors
> stdin:1: rule expands to no valid combination
>
> While previously it would pick only one of them (the first one):
I agree with this change, it does need a warning in current.html to
avoid users being bitten by it (mostly this is likely when using interface
names e.g. "echo 'pass out nat-to lo0' | pfctl -vnf -"), however the
recent change to disabling ipv6 by default should reduce the impact of
this.
