[prev in list] [next in list] [prev in thread] [next in thread] 

List:       openbsd-tech
Subject:    Re: Skipping interfaces in pf [was: pf filtering on loopback?]
From:       Henning Brauer <lists-openbsdtech () bsws ! de>
Date:       2004-12-22 6:26:41
Message-ID: 20041222062641.GP6338 () nudo ! bsws ! de
[Download RAW message or body]

* Alexey E. Suslikov <cruel@texnika.com.ua> [2004-12-21 21:38]:
> Henning Brauer wrote:
> 
> > * Max Laier <max@love2party.net> [2004-12-20 01:17]:
> >> There have been some, but none suggested that it is a stupid idea. Daniel even 
> >> stated support (if I understand correctly?). Is there anything going on or 
> >> has this just been forgotten about?
> >> I'd really like to see it happening.
> > 
> > I actually have this somewhere on my virtual todo since 2002.
> > 
> > On the other hand, in each and every situation I could live without 
> > just fine yet.
> 
> i think, everyone can live without "nat pass" too: by specifying
> "nat" and "pass" rules separately.
> 
> but you have added "nat pass", because it makes ruleset less
> redundant and more readable (see link below).
> 
> http://marc.theaimsgroup.com/?l=openbsd-cvs&m=105731547517046&w=2
> 
> now, we have the equal situation: feature is light, low cost and
> making ruleset less redundant and more readable.
> 
> Max didn't moan. Max did this hack. Henning, why do you resist? :)

cut the crap. I never resisted.

it is easy to whine on some mailing lists, it is less easy to actually 
think things through and verify diffs instead of blindly applying.

[prev in list] [next in list] [prev in thread] [next in thread]