View Single Post
  #4   (View Single Post)  
Old 21st December 2013
jggimi's Avatar
jggimi jggimi is offline
More noise than signal
 
Join Date: May 2008
Location: USA
Posts: 7,975
Default

Excellent solution, J65nko.

Edited to add:
  • If a single IPv4 address is used, inet is assumed.
  • If a list of IPv4 addresses is used, PF expands the list to multiple single-address rules.
  • If a table is used instead, PF requires the explicit inet, as the table could contain either IPv4 or IPv6 addresses. The divert-to filter option does not alter packets; they are required to be diverted within the same address family. In this case, that is IPv4.

Last edited by jggimi; 21st December 2013 at 09:17 PM. Reason: expanded remarks
Reply With Quote