o Note that packets diverted using a 'divert' socket, and then
reinserted by a userland process, will lose a number of packet attributes, including their source interface. This may affect the behavior of later rules, and while not strictly a BUG, may cause unexpected behavior if not clearly documented. A similar note for natd(8) might be desirable.
This commit is contained in:
parent
4b2ee62a91
commit
e036a58dab
Notes:
svn2git
2020-12-20 02:59:44 +00:00
svn path=/head/; revision=88841
@ -1379,6 +1379,15 @@ Packets that match a
|
||||
rule should not be immediately accepted, but should continue
|
||||
going through the rule list.
|
||||
This may be fixed in a later version.
|
||||
.Pp
|
||||
Packets diverted to userland, and then reinserted by a userland process
|
||||
(such as
|
||||
.Xr natd 8 )
|
||||
will lose various packet attributes, including their source interface.
|
||||
If a packet is reinserted in this manner, later rules may be incorrectly
|
||||
applied, making the order of
|
||||
.Cm divert
|
||||
rules in the rule sequence very important.
|
||||
.Sh AUTHORS
|
||||
.An Ugen J. S. Antsilevich ,
|
||||
.An Poul-Henning Kamp ,
|
||||
|
Loading…
Reference in New Issue
Block a user