tech-net: Re: stf(4) and NAT protocol forwarding

Subject: Re: stf(4) and NAT protocol forwarding
To: Pavel Cahyna <pavel.cahyna@st.mff.cuni.cz>
From: Jonathan A. Kollasch <jakllsch@kollasch.net>
List: tech-net
Date: 04/05/2006 02:37:42

--bGR76rFJjkSxVeRa
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On Wed, Apr 05, 2006 at 08:41:45AM +0200, Pavel Cahyna wrote:
> On Tue, Apr 04, 2006 at 05:19:35PM -0500, Jonathan A. Kollasch wrote:
> > On Mon, Jan 09, 2006 at 10:10:36AM +0100, Pavel Cahyna wrote:
~ ~ ~
> > > I can only say that it works for me in 3.0.
> > >=20
> > > ipnat.conf :
> > >=20
> > > bimap ex0 xx.xx.xx.xx/32 -> 10.11.53.78/32 ipv6
> >=20
> >=20
> > For the record I'm now using the PF rule:
> >=20
> > binat on ex0 proto ipv6 from xx.xx.xx.xx/32 to any -> 10.11.53.78/32
>=20
> What did help? Using PF instead of IPF?

No, the IPF worked fine, I'm just preparing for the eventuality that IPF
is the non-default packet filter.  (Yes, I know that'll probably 5.0 or
later.)  I had to trial and error the PF binat rule until it worked,
so I thought others might like to know.

	Jonathan Kollasch

--bGR76rFJjkSxVeRa
Content-Type: application/pgp-signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (NetBSD)

iD8DBQFEM3PGOjx1ye3hmokRAiVXAJ4h7TCYupER0ND+p3MHgWLYq2Gg7gCgkfyH
fmRUppQOrPD2nDBDRMg4mGk=
=wekl
-----END PGP SIGNATURE-----

--bGR76rFJjkSxVeRa--