Closed rmind closed 4 years ago
There are a few multi-element combinations which are currently not supported by npfctl.
npfctl
Mixing of protocols, e.g.: pass proto { tcp, udp } from 10.0.0.0/8
pass proto { tcp, udp } from 10.0.0.0/8
Mixing of IP addresses and tables: pass from { 10.0.0.2, <some-table> }
pass from { 10.0.0.2, <some-table> }
Static NAT rule expressed with any (e.g. bi-directional NAT entries), e.g. map eth0 static no-ports 10.1.1.3 <- any pass family inet4 to 192.0.2.3
any
map eth0 static no-ports 10.1.1.3 <- any pass family inet4 to 192.0.2.3
Fixed by #95, #96 and #97.
rmind
commented
4 years ago rmind
commented
4 years ago
There are a few multi-element combinations which are currently not supported by
npfctl.Mixing of protocols, e.g.:
pass proto { tcp, udp } from 10.0.0.0/8Mixing of IP addresses and tables:
pass from { 10.0.0.2, <some-table> }Static NAT rule expressed with
any(e.g. bi-directional NAT entries), e.g.map eth0 static no-ports 10.1.1.3 <- any pass family inet4 to 192.0.2.3