man ipfw

    Packets diverted to userland, and then reinserted by a userland process
    may lose various packet attributes.  The packet source interface name
will be preserved if it is shorter than 8 bytes and the userland process saves and reuses the sockaddr_in (as does natd(8)); otherwise, it may be
    lost.  If a packet is reinserted in this manner, later rules may be
    incorrectly applied, making the order of divert rules in the rule
    sequence very important.

    cpp(1), m4(1), bridge(4), divert(4), dummynet(4), ip(4), ipfirewall(4),
    protocols(5), services(5), init(8), kldload(8), reboot(8), sysctl(8),



Freebsd mailing list

Responder a