The docs clearly state that you should not attempt to filter/nat on the same interface - it confuses the system since it expects traffic arriving on ex0 to not attempt to exit out ex0 if I am reading it correctly.
|Stef - http://caunter.ca/contact.html On Thu, 21 Apr 2005, Buozis, Martynas wrote: > Hello > > In my opinion it makes no sense to do that at all. In any case virtual > IP traffic goes via real interface hme0 (for example), so all rules can > be bind to this physical interface. What do you expect from supporting > virtual interfaces ? Maybe I missed something ? > > > > With best regards > Martynas > > -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On Behalf Of Doug Norton > Sent: Thursday, April 21, 2005 4:53 PM > To: [EMAIL PROTECTED]; [EMAIL PROTECTED] > Subject: RE: Virtual Interfaces > > Yep that's what I was referring too. > Any idea if ipfilter will support virtual interfaces in the future? > > > > >From: "Olmsted, Brian" <[EMAIL PROTECTED]> > >To: "Doug Norton" <[EMAIL PROTECTED]>, <[EMAIL PROTECTED]> > >Subject: RE: Virtual Interfaces > >Date: Thu, 21 Apr 2005 10:38:37 -0400 > > > >If you mean interfaces like hme0:1, hme0:2, etc... no but you can use > >the real interface hme0 and put the rules specific to the IP addresses > >assigned to hme0:1, hme0:2, etc. > > > >-----Original Message----- > >From: [EMAIL PROTECTED] > >[mailto:[EMAIL PROTECTED] On Behalf Of Doug Norton > >Sent: Thursday, April 21, 2005 10:29 AM > >To: [EMAIL PROTECTED] > >Subject: Virtual Interfaces > > > >Does anyone know if ipfilter supports virtual interfaces? > >If so what version and is their any documentation on it. > > > >Thanks, > >Doug > > > > > > > > >
