[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: pf nat + gre (pptp pass through)

--As of Friday, July 30, 2004 9:12 PM +0100, Dominique Jacquel is alleged to have said:

I posted on [email protected] on the same topic a few days ago. I have
looked at the problem a bit closer now and I am hoping to get comments
and advice ... and hopefully a bit of flame too! :-) I have studied some
of the pf code in search for a solution and this is the solution I am

--As for the rest, it is mine.

Sounds to me like you are looking for a way to do protocol-specific nat/rewriting handling. My advice: Don't. Write a proxy, and direct the connection through that if necessary. rdr to the proxy from the firewall, and let the proxy sort out the rest.

Daniel T. Staal

This email copyright the author.  Unless otherwise noted, you
are expressly allowed to retransmit, quote, or otherwise use
the contents for non-commercial purposes.  This copyright will
expire 5 years after the author's death, or in 30 years,
whichever is longer, unless such a period is in excess of
local copyright law.