On Fri, Jan 15, 2021 at 04:03:09PM +0100, Alexander Bluhm wrote:
> On Fri, Jan 15, 2021 at 03:24:43PM +0100, Klemens Nanni wrote:
> > Existing routers doing NAT64 for IPv6-only networks will require
> > `net.inet.ip.forwarding=1' for NAT64 to work.
>
> Actually you will need both of them.
>
> Whe
On Fri, Jan 15, 2021 at 03:24:43PM +0100, Klemens Nanni wrote:
> Existing routers doing NAT64 for IPv6-only networks will require
> `net.inet.ip.forwarding=1' for NAT64 to work.
Actually you will need both of them.
When sending "IPv6 -> pf-router -> IPv4" you need ip forwarding as
pf translates t
On Fri, Jan 15, 2021 at 01:30:01PM +0100, Alexander Bluhm wrote:
> sysctl net.inet.ip.forwarding is checked before ip_input() passes
> the packet to ip_forward(). But with an af-to rule, pf(4) calls
> ip_forward() directly. I think we should check the sysctl also in
> pf to get consistent behavio
Hi,
sysctl net.inet.ip.forwarding is checked before ip_input() passes
the packet to ip_forward(). But with an af-to rule, pf(4) calls
ip_forward() directly. I think we should check the sysctl also in
pf to get consistent behaviour.
ok?
bluhm
Index: net/pf.c
===
