Re: Call for Foundation-supported Project Ideas

Reply: Chris : "Re: Call for Foundation-supported Project Ideas"
In reply to: Lars Engels : "Re: Call for Foundation-supported Project Ideas"
Go to: [ bottom of page ] [ top of archives ] [ this month ]

From: Özkan KIRIK <ozkan.kirik_at_gmail.com>
Date: Sat, 11 Dec 2021 05:38:04 UTC

freebsd-pf: matching and logging receive interface and xmit interface
in single rule (ipfw has support)

I'm looking for a solution to match a traffic received on igb0 and xmit on igb1.
According to man page, ipfw(8) supports this syntax:

ipfw add deny ip from any to any out recv ed0 xmit ed1

     The recv interface can be tested on either incoming or outgoing
     packets, while the xmit interface can only be tested on outgoing
     packets.  So out is required (and in is invalid) whenever xmit is
     used.

Is it possible to add support to pf for this feature like ipfw?

Have a nice day

On Fri, Dec 10, 2021 at 1:16 PM Lars Engels <lme@freebsd.org> wrote:
>
> Am 2021-12-09 19:25, schrieb Özkan KIRIK:
> > bsnmpd: monitoring jails (event with different vnet) resources like
> > interfaces, cpu usage etc.
> >
> > I don't have an account to modify wiki. thanks
>
>
> I added this to the wiki page.
>