Date: Tue, 08 Mar 2005 06:49:24 -0600 From: "J.D. Bronson" <jbronson@wixb.com> To: freebsd-questions@freebsd.org Subject: pf question Message-ID: <6.2.0.14.2.20050308064913.00b190b0@localhost>
next in thread | raw e-mail | index | archive | help
First my ifconfig -A:
# ifconfig -A
bge0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
address: xxxxxxxxxxxx
media: Ethernet autoselect (100baseTX full-duplex)
status: active
inet 192.168.82.1 netmask 0xffffff00 broadcast 192.168.82.255
inet 192.168.82.2 netmask 0xffffffff broadcast 192.168.82.2
I use a rule in the firewall such as this:
# macros
int_if = "bge0"
pass in on $int_if from $int_if:network to any modulate state
pass out on $int_if from any to $int_if:network modulate state
This expands to:
pass in on bge0 inet from 192.168.82.0/24 to any modulate state
pass in on bge0 inet from 192.168.82.2 to any modulate state
pass out on bge0 inet from any to 192.168.82.0/24 modulate state
pass out on bge0 inet from any to 192.168.82.2 modulate state
..Why does it pick the alias IP on the nic and not the actual IP?
Is this intended by design?
--
J.D. Bronson
Aurora Health Care // Information Services // Milwaukee, WI USA
Office: 414.978.8282 // Email: jd@aurora.org // Pager: 414.314.8282
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?6.2.0.14.2.20050308064913.00b190b0>