9/8/2005, "Stephan A. Rickauer" <[EMAIL PROTECTED]> napisa3(a):
>Micha3 Ful wrote: >> I had similar problem few months ago. In my case I used fwbuilder to >> check how my netfilter rules looks in pf syntax. It was very helpful. > >Good that you mention that. I also use fwbuilder to manage my rule sets >with netfilter. I thought I could simply 'compile' a pf rule set for >migration but that left me with a broken one. Investigating the issue >revealed a fundamental difference in the way pf and netfilter work. Now >I am trying to understand it ;) In my case rule set worked after compilation for pf, but my multihomed setup has been broken. Things that are made with iproute under linux needs to be rewriten to pf in openbsd. With nat and "keep state". Try to experiment with fwbuilder different options. -- Regards, Michal Ful
