Re: [openbsd] [henning@cvs.openbsd.org: CVS: cvs.openbsd.org: src]

[Eugeni Akmuradov <e.akmuradov@gmail.com>]

ишь ты, нахитроумили ;)

2009/9/1 Vladimir Kirillov <proger@uaoug.org.ua>:
> heads up!
> новый синтаксис nat'а:
>
> адаптированные маны и pf.conf уже в дереве
>
> ----- Forwarded message from Henning Brauer <henning@cvs.openbsd.org> -----
>
> Date: Tue, 1 Sep 2009 07:42:00 -0600 (MDT)
> From: Henning Brauer <henning@cvs.openbsd.org>
> To: source-changes@cvs.openbsd.org
> Subject: CVS: cvs.openbsd.org: src
>
> CVSROOT:        /cvs
> Module name:    src
> Changes by:     henning@cvs.openbsd.org 2009/09/01 07:42:00
>
> Modified files:
>        sbin/pfctl     : pfctl_optimize.c pfctl_parser.h pfctl.c
>                         pfctl_parser.c parse.y
>        sys/net        : pf.c pf_lb.c pfvar.h pf_ioctl.c
>
> Log message:
> the diff theo calls me insanae for:
> rewrite of the NAT code, basically. nat and rdr become actions on regular
> rules, seperate nat/rdr/binat rules do not exist any more.
> match in on $intf rdr-to 1.2.3.4
> match out on $intf nat-to 5.6.7.8
> the code is capable of doing nat and rdr in any direction, but we prevent
> this in pfctl for now, there are implications that need to be documented
> better.
> the address rewrite happens inline, subsequent rules will see the already
> changed addresses. nat / rdr can be applied multiple times as well.
> match in on $intf rdr-to 1.2.3.4
> match in on $intf to 1.2.3.4 rdr-to 5.6.7.8
> help and ok dlg sthen claudio, reyk tested too
>
> ----- End forwarded message -----
>
> --
> To unsubscribe send an e-mail to openbsd+unsubscribe@uaoug.org.ua
> For retrieval in messages archive http://www.uaoug.org.ua/archive
>
>

--
To unsubscribe send an e-mail to openbsd+unsubscribe@uaoug.org.ua
For retrieval in messages archive http://www.uaoug.org.ua/archive