Question on packet filter using in and out interfaces
Doug Hardie
bc979 at lafn.org
Sat Jul 21 22:18:07 UTC 2012
That is a very helpful diagram. There are two aspects that I don't see directly addressed.
1. For packets ultimately delivered to processes on the system pf is running on, I suspect they get to the Kernel Processing box and then are directly delivered to the receiving process. The out phase is not used.
2. For packets redirected to addresses at 127.0.0.1, would they go through the out phase and then back in the in phase and be delivered during the Kernel Processing as above.
On 21 July 2012, at 11:23, Daniel Hartmeier wrote:
> On Sat, Jul 21, 2012 at 05:22:07PM +0200, Tonix (Antonio Nati) wrote:
>
>> If you can provide a link to this PF diagram it would be very useful.
>
> A copy is preserved on http://www.benzedrine.cx/pf_flow.png
>
> Yes, there are two phases.
>
> HTH,
> Daniel
> _______________________________________________
> freebsd-pf at freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-pf
> To unsubscribe, send any mail to "freebsd-pf-unsubscribe at freebsd.org"
>
More information about the freebsd-pf
mailing list