svn commit: r237681 - head/share/examples/pf
Rui Paulo
rpaulo at FreeBSD.org
Thu Jun 28 03:30:17 UTC 2012
Author: rpaulo
Date: Thu Jun 28 03:30:17 2012
New Revision: 237681
URL: http://svn.freebsd.org/changeset/base/237681
Log:
Add the 'inet' keyword after the nat rule to avoid interfering with
IPv6.
Modified:
head/share/examples/pf/faq-example1
head/share/examples/pf/pf.conf
Modified: head/share/examples/pf/faq-example1
==============================================================================
--- head/share/examples/pf/faq-example1 Thu Jun 28 03:27:35 2012 (r237680)
+++ head/share/examples/pf/faq-example1 Thu Jun 28 03:30:17 2012 (r237681)
@@ -26,7 +26,7 @@ set skip on lo
scrub in
# nat/rdr
-nat on $ext_if from !($ext_if) -> ($ext_if:0)
+nat on $ext_if inet from !($ext_if) -> ($ext_if:0)
nat-anchor "ftp-proxy/*"
rdr-anchor "ftp-proxy/*"
Modified: head/share/examples/pf/pf.conf
==============================================================================
--- head/share/examples/pf/pf.conf Thu Jun 28 03:27:35 2012 (r237680)
+++ head/share/examples/pf/pf.conf Thu Jun 28 03:30:17 2012 (r237681)
@@ -16,7 +16,7 @@
#nat-anchor "ftp-proxy/*"
#rdr-anchor "ftp-proxy/*"
-#nat on $ext_if from !($ext_if) -> ($ext_if:0)
+#nat on $ext_if inet from !($ext_if) -> ($ext_if:0)
#rdr pass on $int_if proto tcp to port ftp -> 127.0.0.1 port 8021
#no rdr on $ext_if proto tcp from <spamd-white> to any port smtp
#rdr pass on $ext_if proto tcp from any to any port smtp \
More information about the svn-src-head
mailing list