duplicate rule on :broadcast

Gergely CZUCZY phoemix at harmless.hu
Thu Sep 6 13:39:40 PDT 2007


Hello

I've got a configuration where I've got 2 IPs on em0
from the very same subnet. This means, they have the
same broadcast address. I have the following rule
in my pf.conf:
block in quick on $if_inet proto udp from any to $if_inet:broadcast port 137 label "broadcast deny"

Since I've got two addresses on that interface it
expands to the following according to pfctl -sr:
block return in quick on em0 inet proto udp from any to 195.56.55.255 port = netbios-ns label "broadcast deny"
block return in quick on em0 inet proto udp from any to 195.56.55.255 port = netbios-ns label "broadcast deny"

Is it really necessary to have duplicates when the
broadcast addresses of the assigned addresses are the
very same?

Sincerely,

Gergely Czuczy
mailto: gergely.czuczy at harmless.hu

-- 
Weenies test. Geniuses solve problems that arise.
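
An added illustration, not part of the original post: a Python model of the per-address :broadcast expansion described above, plus a check for repeated lines in pfctl -sr style output. The interface addresses are constructed (the post does not give them) and the function names are hypothetical.

```python
import ipaddress
from collections import Counter

# Rule text as it appears in the post's pfctl -sr output, with the target left open.
TEMPLATE = ('block return in quick on em0 inet proto udp from any to {dst} '
            'port = netbios-ns label "broadcast deny"')

# Constructed addresses (the post does not list them): two in one /24, one elsewhere.
ADDRS = ["192.0.2.10/24", "192.0.2.11/24", "198.51.100.5/25"]


def broadcast_of(cidr):
    """Broadcast address of the subnet an interface address belongs to."""
    return str(ipaddress.ip_interface(cidr).network.broadcast_address)


def expand(template, addrs):
    """Model of the behaviour in the post: one rule per address, no merging."""
    return [template.format(dst=broadcast_of(a)) for a in addrs]


def duplicates(rules):
    """Map each rule that occurs more than once to its count (whitespace-normalised)."""
    counts = Counter(" ".join(r.split()) for r in rules if r.strip())
    return {rule: n for rule, n in counts.items() if n > 1}


def dedupe(rules):
    """Drop repeats while keeping first-match order, which matters for 'quick' rules."""
    seen, out = set(), []
    for r in rules:
        key = " ".join(r.split())
        if key and key not in seen:
            seen.add(key)
            out.append(r)
    return out


if __name__ == "__main__":
    loaded = expand(TEMPLATE, ADDRS)
    for rule, n in duplicates(loaded).items():
        print(f"{n}x {rule}")
    print(f"{len(loaded)} rules expanded, {len(dedupe(loaded))} distinct")
```

Because the rule is "quick", the first copy ends evaluation for any packet it matches, so an identical second copy is never the deciding rule; it only adds a line to the loaded ruleset.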