pf NAT and VNET Jails
Kristof Provost
kp at FreeBSD.org
Mon Nov 2 23:44:27 UTC 2015
> On 02 Nov 2015, at 15:07, Shawn Webb <shawn.webb at hardenedbsd.org> wrote:
>
> On Monday, 02 November 2015 02:59:03 PM Kristof Provost wrote:
>>
>> Can you add your pf.conf too?
>>
>> I’ll try upgrading my machine to something beyond 290228 to see if I can
>> reproduce it. It’s on r289635 now, and seems to be fine. My VNET jails
>> certainly get their traffic NATed.
>
> Sorry about that! I should've included it. It's pasted here: http://ix.io/lLI
>
> It's probably not the most concise. This is a laptop that can have one of
> three interfaces online: re0 (ethernet on the laptop), wlan0 (you can guess
> what that is), or ue0 (usb tethering from my phone). I used to be able to
> specify NATing like that and pf would automatically figure out which outgoing
> device to use. Seems like that's broken now.
>
I’ve updated my machine and things still seem to be working.
As you said, it’s probably related to the multiple nat entries.
I’ll have to make a test setup, which’ll take a bit of time, especially
since I’m messing with the host machine at the moment.
Regards,
Kristof
More information about the freebsd-current
mailing list