On 07/04/2019 23:29, Mindaugas Rasiukevicius wrote:
"John D. Baker" <[email protected]> wrote:
- dynamic ifaddrs(netifN) (John D. Baker)
The "ifaddrs(netifN)" function is what evaluates the addresses on the
interface with each reference in a rule, or so the documentation makes
it appear. Contrast with "inet4(netifN)" or "inet6(netifN)" that is
only evaluated when the configuration file is loaded. "ifaddrs(netifN)"
appears to be the equivalent of pf's "(netifN)", but always returns the
full list of all addresses on an interface, so cannot be used in a NAT
(map foo -> bar) statement. Hence the desire to select a subset or at
least only the first address in the list, e.g., pf's "(netifN:0)" dynamic
address evaluation with return of only first address.
You *can* use ifaddrs(netifN) for a NAT rule in NetBSD -current, but you
need to specify the address selection algorithm. Currently, "ip-hash" or
"round-robin". You cannot select just the first address, though. That is
something I can look into.
My modem has a site local admin address. My router gets a public IP from
it but I'd like to keep the admin address as well.
An address selection algo to exclude or only use site local addresses
would be of use? Currently I have a dhcpcd exit hook script to remove
the site local addresses, reconfigure npf and then re-apply the site
local addresses. This isn't ideal, hence my request.
Roy