GRE and PF problem

From: Alex Povolotsky (tarkhil_at_webmail.sub.ru)
Date: 07/13/05

Next message: Matt Emmerton: "Re: ntop binary for 5.x in existence ? (the real ntop, not the kitchen sink one...)"

Previous message: Jeremie Le Hen: "Problem with Path MTU Discovery"
Next in thread: compunction: "Re: GRE and PF problem"
Reply: compunction: "Re: GRE and PF problem"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Date: Wed, 13 Jul 2005 19:44:44 +0400
To: freebsd-net@freebsd.org

Hello!

I'm using FreeBSD (5.3-RELEASE-p5) as internet access server, and I have
to NAT GRE packets. I'm using pf.

The problem is that SOMETIMES PF fails to create proper rule using nat,
while binat works fine.

Not only I do not want to expose Windows boxes (even if those addresses
are firewalled), but it's also a terrible waste of real IPs.

Can anyone point me if I have incorrect PF config, or PF just work
poorly with gre?

Alex.

_______________________________________________
freebsd-net@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-net
To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org"

Next message: Matt Emmerton: "Re: ntop binary for 5.x in existence ? (the real ntop, not the kitchen sink one...)"

Previous message: Jeremie Le Hen: "Problem with Path MTU Discovery"
Next in thread: compunction: "Re: GRE and PF problem"
Reply: compunction: "Re: GRE and PF problem"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

unix.derkeiler.com > Mailing-Lists > FreeBSD > net > 2005-07