ng_tag and pf?
Bill Marquette
bill.marquette at gmail.com
Tue Apr 17 17:26:00 UTC 2007
Is it possible to use ng_tag in conjunction with pf? I have a setup
in OpenBSD currently where I use the bridge interface to apply a tag
to a packet based on the mac address so that when pf gets the packet
it can apply a reply-to rule to it to keep traffic flows symmetric
(the upstream device(s) also keep state, so the reply path has to be
the same). I'm looking to duplicate this in FreeBSD with pf and I
think ng_tag and maybe ng_bpf can make this happen, but I'm at a bit
of a loss as to how at this point. Any pointers or at least a "yes
it's absolutely possible, figure it out and let us know the exact
config" answer would be very much appreciated. Thanks
--Bill
More information about the freebsd-pf
mailing list