Generated iptables script flushes only secondary ip addresses on
interfaces if option "configure interfaces" is in effect. This should
fix a bug that caused linksys/sveasoft unit to lose default route upon
reboot if external interface has static IP address.
Improvements and changes in compiler for pf:
Compiler for pf puts interface name in a table for rules that use
multiple objects in src or dst and one of these objects is dynamic
interface of the firewall that is being processed. Using dynamic
interface of another object in a rule is still considered an error.
Compiler for pf always uses tables; this breaks compatibility with
older OpenBSD systems (3.2 and 3.3)
Compiler for pf assigns a NAT rule of type DNAT (rdr rule) to an
interface of the firewall if interface object or its address object is
used in ODst. To get rdr rule without interface assignment, use an
Address or a Host object that has the same IP address as that of
firewall's interface but that is not a child of an interface.
Get latest updates about Open Source Projects, Conferences and News.