Re: NPF does not recognize npflog0

[Pongthep Kulkrisada <ptkrisada%gmail.com@localhost>]

* S.P.Zeidler (spz%serpens.de@localhost) wrote:
> >But one question remains pertaining to ping.
> >     pass final on $ext_if family inet proto icmp icmp-type echo code 0 all
> >With the rule above, I cannot ping anywhere.
> 
> Have you tried also allowing
> pass final on $ext_if family inet proto icmp icmp-type echo-reply all?
Thank you very much for your reply.
But please note a typo, it is ``echoreply'' (without a dash).

either
    pass final on $ext_if family inet proto icmp icmp-type echoreply all
or
    pass final on $ext_if family inet proto icmp icmp-type echoreply code 0 all
The behavior is the same.
NetBSD box can ping the other machines.
But the other machines cannot ping my NetBSD box.

If want to ping both sides, the only rule works i.e.
    pass final on $ext_if family inet proto icmp all
unless an additional rule of ``echoreq'' is added.

Thanks,
-- 
Pongthep Kulkrisada
 
"UNIX is basically a simple operating system,
but you have to be a genius to understand the simplicity."
-- Dennis M. Ritchie