Network severely unstable 10.0-PRERELEASE
Berend de Boer
berend at pobox.com
Wed Jan 1 19:16:36 UTC 2014
>>>>> "Gleb" == Gleb Smirnoff <glebius at FreeBSD.org> writes:
Gleb> Can you please try attached patch? I hope it'll fix the
Gleb> panic.
Have been running this without the rule change, to see if it doesn't
introduce any adverse effects. So far so good. When I'm back from
holiday (this Saturday), I'll enable the bad keyword.
Gleb> No idea on how good will your rule work, however.
I have no idea either! A bit harder to test, the goal was to make
games/voip udp work a bit better without having to allocate ports.
I think I could just write:
nat on egress from any to any -> (egress) round-robin sticky-address
instead of what I have now:
nat pass on egress proto udp from any port $voip_ports to any -> (egress) static-port
nat pass on egress from any to any -> (egress) sticky-address
--
All the best,
Berend de Boer
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 836 bytes
Desc: OpenPGP Digital Signature
URL: <http://lists.freebsd.org/pipermail/freebsd-pf/attachments/20140102/26eb89c3/attachment.sig>
More information about the freebsd-pf
mailing list