|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Re: RESOLVED: PF and passing traffic from RFC 1918 addresses in on external interface
From: Brian A. Seklecki (lavalamp
spiritual-machines.org)
Date: Sat Aug 02 2003 - 19:51:36 CDT
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
On Mon, 2003-07-28 at 13:20, Mark Hopkins wrote:
> > Does pf drop traffic incoming on the external interface from RFC 1918
> > address by default, even if the ruleset says to pass in all, pass out all?
Be aware of ISPs using RFC 1918 reserved space for WAN addresses such as
P-t-P /30s (and then not setting up a NAT pool).
The result? Your router's ext interface can't reach important resources
on the `net, unless you can tell X-service to source packets from the
Lan IF.
That's okay, my router doesn't need to synchronize it's clock with NTP,
i'll just get it closer to a window so it can use a sundial >:}
-lava
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]