Unix Technical Forum

Re: Migration to PF - some questions

This is a discussion on Re: Migration to PF - some questions within the lucky.openbsd.misc forums, part of the OpenBSD category; --> On 8 Sep 2005, at 14:55, Stephan A. Rickauer wrote: > Ok, I'll make it more concrete. If a ...


Go Back   Unix Technical Forum > Unix Operating Systems > OpenBSD > lucky.openbsd.misc

Re: Migration to PF - some questions Re: Migration to PF - some questions

Register FAQ Members List Calendar Search Today's Posts Mark Forums Read

Reply

 

LinkBack Thread Tools Display Modes
  #1 (permalink)  
Old 02-17-2008, 06:09 AM
Gaby vanhegan
 
Posts: n/a
Default Re: Migration to PF - some questions
On 8 Sep 2005, at 14:55, Stephan A. Rickauer wrote:

> Ok, I'll make it more concrete. If a machine has traffic going over
> two interfaces (router) a netfilter rule would look like this:
>
> iptables -A FORWARD -i in-iface -o out-iface ...
>
> It looks like with pf one achieves that with:
>
> pass in on in-iface ...
> pass out on out-iface ...
>
> Is that basically correct?

Yes, that's all you need. You might want to use:

$if_in="xl0"
$if_out="xl1"
pass in on $if_in keep state
pass out on $if_out keep state

Gaby

--
Junkets for bunterish lickspittles since 1998!
gaby@vanhegan.net
http://weblog.vanhegan.net

Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote
Reply

« Re: Migration to PF - some questions | scp Remote -> Remote fails »

Thread Tools
Display Modes
Linear Mode Linear Mode

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
vB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On
Forum Jump


All times are GMT. The time now is 11:14 PM.

Contact Us - Unix Technical Forums - Top

Powered by vBulletin® Version 3.6.5
Copyright ©2000 - 2008, Jelsoft Enterprises Ltd.
SEO by vBSEO 3.2.0
www.UnixAdminTalk.com