Re: af-to error?
the pf.conf parser and manpages could use a bit of TLC following adding the v4/v6 protocol translation code. in the meantime, adding inet to the line is likely to help. On 2011-12-06, Chris Smith obsd_m...@chrissmith.org wrote: Having some issues with -current. This line in pf.conf: match out on $ext_if from my_net to any nat-to $ext_ad0 Generates the following error: # pfctl -n -f /etc/pf.conf /etc/pf.conf:41: af-to is not supported on match rules /etc/pf.conf:41: skipping rule due to errors /etc/pf.conf:41: rule expands to no valid combination However in an earlier release (a not so current version of 4.9 -current) the syntax works fine. And so far I have been unable to get: match out on $ext_if from $my_if to any nat-to $ext_ad0 or match out on $ext_if from $my_if:network to any nat-to $ext_ad0 to actually work although they parse properly. man pf.conf has no entry for af-to
Re: af-to error?
On Tue, Dec 6, 2011 at 12:50 PM, Stuart Henderson s...@spacehopper.org wrote: in the meantime, adding inet to the line is likely to help. Indeed, thank you.
af-to error?
Having some issues with -current. This line in pf.conf: match out on $ext_if from my_net to any nat-to $ext_ad0 Generates the following error: # pfctl -n -f /etc/pf.conf /etc/pf.conf:41: af-to is not supported on match rules /etc/pf.conf:41: skipping rule due to errors /etc/pf.conf:41: rule expands to no valid combination However in an earlier release (a not so current version of 4.9 -current) the syntax works fine. And so far I have been unable to get: match out on $ext_if from $my_if to any nat-to $ext_ad0 or match out on $ext_if from $my_if:network to any nat-to $ext_ad0 to actually work although they parse properly. man pf.conf has no entry for af-to
