On 2010/12/29 08:51, Johan Helsingius wrote:
Running pf on openbsd 4.8 (i386), I find something very strange going on.
Looking at the log:
Dec 28 22:23:37.772604 rule 4/(match) [uid 0, pid 28161] pass in on xl2:
xxx.yyy.zzz.aaa.51717 foo.bar.www: S [tcp sum ok]
3754046362:3754046362(0) win
On Wed, Dec 29, 2010 at 10:40:58AM +, Stuart Henderson wrote:
On 2010/12/29 08:51, Johan Helsingius wrote:
Running pf on openbsd 4.8 (i386), I find something very strange going on.
Looking at the log:
Dec 28 22:23:37.772604 rule 4/(match) [uid 0, pid 28161] pass in on xl2:
Claudio,
This is because of delayed checksum calculation in ip_output.
Thanks for the explanation!
Julf
On 12/29/2010 03:06:27 PM, Johan Helsingius wrote:
I am starting to despair at ever understanding pf redirection/NAT.
I have been trying to build a very simple redirection where
a openbsd firewall running pf sits between the ADSL modem
and a controller.
I have now simplified the pf config