src - FreeBSD source tree

diff options

author	Kajetan Staszkiewicz <ks@FreeBSD.org>	2025-02-23 18:13:48 +0000
committer	Kajetan Staszkiewicz <ks@FreeBSD.org>	2025-02-27 15:28:27 +0000
commit	f6f116cdbd2a406d2913df5368299ba4cdbf40a1 (patch)
tree	f7b3d75421575675c793ee45ae044f92a084ffca /usr.sbin/bsdconfig/(public-mirror)
parent	ab6a311c720e93c860d3dd4a335264d725db7a0d (diff)

pf: Make af-to work on outbound interfaceHEAD main

Currently af-to works only on inbound interface by creating a reversed NAT state key which is used to match traffic returning on the outbound interface. Such limitation is not necessary. When an af-to state is created for an outbound rule do not reverse the NAT state key, making it work just like if it was created for a normal NAT rule. Depending on firewall design it might be easier and more natural to use af-to on the outbound interface. Reviewed by: kp Approved by: kp (mentor) Sponsored by: InnoGames GmbH Differential Revision: https://reviews.freebsd.org/D49122

Diffstat (limited to 'usr.sbin/bsdconfig/(public-mirror)')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: