Hi,
According to pf.conf(5),
Currently, only IPv4 fragments are supported and IPv6 fragments are
blocked unconditionally.
This is a very serious limitation in some scenarios (e.g. IPsec, which can
use large udp packets for key exchange, or for tunnels inside low-mtu
tunnels).
Is
On May 12, 2008, at 2:32 PM, Christer Solskogen wrote:
If I do not use the binat-rule, connecting to games (in CoH) will
not work. But CoH also seems to be the only game with that kind of
problem.
IF the ports are right shouldn't this be enough?
CoH_ports = { 6112 , 9100 , 30260 }
rdr
Karl O. Pinc wrote:
On 05/12/2008 04:32:05 PM, Christer Solskogen wrote:
If I do not use the binat-rule, connecting to games (in CoH) will not
work. But CoH also seems to be the only game with that kind of problem.
If I am not mistaken, using a binat-rule also makes my machine
vurnable for
You report what does work, but not what didn't work so it's difficult
to say why it didn't work.
I really should have done that.
If I do not use the binat-rule, connecting to games (in CoH) will
not work. But CoH also seems to be the only game with that kind of
problem.
If I am not
On 05/13/2008 12:35:28 AM, Christer Solskogen wrote:
This is my full pf.conf:
The only thing I notice offhand is that I prefer to put
the ftp-proxy anchors above all the other translation
rules so that whatever magic ftp-proxy is working
does not get inadvertently preempted. (I don't
know
On Mon, May 12, 2008 at 11:44:29PM -0700, Trevor Talbot wrote:
You might also need to use the static-port option for udp nat rules:
nat pass log on $ext_if proto udp from $funshine port $COH_ports to any -
85.200.10.151 static-port
yeah, i was gonna say static port too, but trevor beat me