RE: viewing pf rules in tcpdump output

2006-01-16 Thread Melameth, Daniel D.
Peter wrote: --- Melameth, Daniel D. [EMAIL PROTECTED] wrote: Peter wrote: Question: Why does tcpdump show pf rules when I use the pflog0 interface in combination with the -e switch (link layer)? It's a fantastic feature but it seems like an odd way to arrive at it. rule

RE: viewing pf rules in tcpdump output

2006-01-16 Thread Peter
--- Melameth, Daniel D. [EMAIL PROTECTED] wrote: Peter wrote: Question: Why does tcpdump show pf rules when I use the pflog0 interface in combination with the -e switch (link layer)? It's a fantastic feature but it seems like an odd way to arrive at it. rule 0/(match) [uid 0, pid

Re: viewing pf rules in tcpdump output

2006-01-16 Thread Richard Yates
On 15/01/06, ed [EMAIL PROTECTED] wrote: Another question, how do you associate the rule number to line in pf.conf, without doing the obvious mental exercise, with many rules it can be a chore. have a look at pftop if you're not aware of it already, one of its views will list rules and their

Re: viewing pf rules in tcpdump output

2006-01-16 Thread ed
On Sun, 15 Jan 2006 17:20:25 + Karl O. Pinc [EMAIL PROTECTED] wrote: Sorry, pasted from the wrong window. This is the correct script. On 01/15/2006 06:28:21 AM, ed wrote: Another question, how do you associate the rule number to line in pf.conf, without doing the obvious mental

DSCP and TOS values

2006-01-16 Thread Adam Clark
Hi, I am using IPSEC tunnels to connect my home office to our work site. I am using a cisco voip phone which uses the vpn to talk to the call manager. I have worked for a bit to try to give the voip traffic highest priority with ALTQ. I have gotten some headway to what I want, but limitations

Re: DSCP and TOS values

2006-01-16 Thread Damien Miller
Adam Clark wrote: Hi, I am using IPSEC tunnels to connect my home office to our work site. I am using a cisco voip phone which uses the vpn to talk to the call manager. I have worked for a bit to try to give the voip traffic highest priority with ALTQ. I have gotten some headway to what

Re: viewing pf rules in tcpdump output

2006-01-16 Thread Can Erkin Acar
On Sun, Jan 15, 2006 at 04:19:10PM -0500, Peter wrote: --- Melameth, Daniel D. [EMAIL PROTECTED] wrote: Peter wrote: Question: Why does tcpdump show pf rules when I use the pflog0 interface in combination with the -e switch (link layer)? It's a fantastic feature but it seems like

Re: viewing pf rules in tcpdump output

2006-01-16 Thread Can Erkin Acar
On Sun, Jan 15, 2006 at 05:43:49PM -0500, Melameth, Daniel D. wrote: Peter wrote: --- Melameth, Daniel D. [EMAIL PROTECTED] wrote: Peter wrote: Question: Why does tcpdump show pf rules when I use the pflog0 interface in combination with the -e switch (link layer)? It's a

RE: DSCP and TOS values

2006-01-16 Thread Adam Clark
pf can filter fine on gif interfaces, including matching ToS. You have to apply your rules on the gifN interface, e.g. pass in on gif0 from any to any tos 0x08 Ahh, I assumed that because no traffic was listed when I tcpdump'd my gif interface that nothing could be done about it. Its ok as

carp+pfsync, keep state doesn't work

2006-01-16 Thread Andrew Kozichev
Hi, i have such problem. I am using carp balancing on the gate to the Internet. preempt=1 arpabalance=1 Firstly, on 3.8 arpbalansing didn`t work. I saw this article http://www.isi.qut.edu.au/people/mbradfor/openbsd-carp-arpbalance.html I recompile the kernel with a patch IP-Based Balancing. Now