Date: Tue, 30 May 2017 20:05:19 +0200 From: Kajetan Staszkiewicz <vegeta@tuxpowered.net> To: "Bjoern A. Zeeb" <bzeeb-lists@lists.zabbadoz.net> Cc: freebsd-pf@freebsd.org Subject: Re: pf not checking traffic from tunnels Message-ID: <2427866.HH9brvnEOx@energia> In-Reply-To: <E08E37F7-F5E3-4079-8A1D-5126AADF1B8A@lists.zabbadoz.net> References: <1853600.RL7SYQSJBX@energia> <E08E37F7-F5E3-4079-8A1D-5126AADF1B8A@lists.zabbadoz.net>
next in thread | previous in thread | raw e-mail | index | archive | help
--nextPart5735402.ZaQVCjWN4Q Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="us-ascii" Dnia wtorek, 30 maja 2017 16:22:05 CEST Bjoern A. Zeeb pisze: > On 30 May 2017, at 16:17, Kajetan Staszkiewicz wrote: > > Is there any option to check from userspace if the gif interface has > > pf > > attached in netpfil hook for incoming traffic? Running tcpdump on gif > > interface correctly shows incoming icmp echo request. >=20 > What you want to read is > man 4 enc > I think. That was close but not really :) Proper lecture was man 4 ipsec and this switch: net.inet.ipsec.filtertunnel =2D-=20 | pozdrawiam / greetings | powered by Debian, FreeBSD and CentOS | | Kajetan Staszkiewicz | jabber,email: vegeta()tuxpowered net | | Vegeta | www: http://vegeta.tuxpowered.net | `------------------------^---------------------------------------' --nextPart5735402.ZaQVCjWN4Q Content-Type: application/pgp-signature; name="signature.asc" Content-Description: This is a digitally signed message part. Content-Transfer-Encoding: 7Bit -----BEGIN PGP SIGNATURE----- iF0EABECAB0WIQSOEQZObv2B8mf0JbnjtFCvbXs6FAUCWS20XwAKCRDjtFCvbXs6 FBdPAJ4wIRW4A5G8X3eoeNloa/k74CPELACgvsDPUuEKSj2zIY0JXjEGG0ZNDEU= =ImwS -----END PGP SIGNATURE----- --nextPart5735402.ZaQVCjWN4Q--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?2427866.HH9brvnEOx>