21st December 2013
|
|
More noise than signal
|
|
Join Date: May 2008
Location: USA
Posts: 7,975
|
|
Excellent solution, J65nko.
Edited to add:
- If a single IPv4 address is used, inet is assumed.
- If a list of IPv4 addresses is used, PF expands the list to multiple single-address rules.
- If a table is used instead, PF requires the explicit inet, as the table could contain either IPv4 or IPv6 addresses. The divert-to filter option does not alter packets; they are required to be diverted within the same address family. In this case, that is IPv4.
Last edited by jggimi; 21st December 2013 at 09:17 PM.
Reason: expanded remarks
|