pf not checking traffic from tunnels
Kajetan Staszkiewicz
vegeta at tuxpowered.net
Tue May 30 18:05:28 UTC 2017
Dnia wtorek, 30 maja 2017 16:22:05 CEST Bjoern A. Zeeb pisze:
> On 30 May 2017, at 16:17, Kajetan Staszkiewicz wrote:
> > Is there any option to check from userspace if the gif interface has
> > pf
> > attached in netpfil hook for incoming traffic? Running tcpdump on gif
> > interface correctly shows incoming icmp echo request.
>
> What you want to read is
> man 4 enc
> I think.
That was close but not really :)
Proper lecture was man 4 ipsec and this switch: net.inet.ipsec.filtertunnel
--
| pozdrawiam / greetings | powered by Debian, FreeBSD and CentOS |
| Kajetan Staszkiewicz | jabber,email: vegeta()tuxpowered net |
| Vegeta | www: http://vegeta.tuxpowered.net |
`------------------------^---------------------------------------'
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 195 bytes
Desc: This is a digitally signed message part.
URL: <http://lists.freebsd.org/pipermail/freebsd-pf/attachments/20170530/99fdd8f6/attachment.sig>
More information about the freebsd-pf
mailing list