Changeset View
Changeset View
Standalone View
Standalone View
share/man/man5/pf.conf.5
Show All 21 Lines | |||||
.\" INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, | .\" INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, | ||||
.\" BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; | .\" BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; | ||||
.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER | .\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER | ||||
.\" CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT | .\" CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT | ||||
.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN | .\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN | ||||
.\" ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE | .\" ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE | ||||
.\" POSSIBILITY OF SUCH DAMAGE. | .\" POSSIBILITY OF SUCH DAMAGE. | ||||
.\" | .\" | ||||
.Dd June 24, 2024 | .Dd September 4, 2024 | ||||
.Dt PF.CONF 5 | .Dt PF.CONF 5 | ||||
.Os | .Os | ||||
.Sh NAME | .Sh NAME | ||||
.Nm pf.conf | .Nm pf.conf | ||||
.Nd packet filter configuration file | .Nd packet filter configuration file | ||||
.Sh DESCRIPTION | .Sh DESCRIPTION | ||||
The | The | ||||
.Xr pf 4 | .Xr pf 4 | ||||
▲ Show 20 Lines • Show All 2,234 Lines • ▼ Show 20 Lines | |||||
from modifying the source port on TCP and UDP packets. | from modifying the source port on TCP and UDP packets. | ||||
.It Xo Ar map-e-portset Aq Ar psid-offset | .It Xo Ar map-e-portset Aq Ar psid-offset | ||||
.No / Aq Ar psid-len | .No / Aq Ar psid-len | ||||
.No / Aq Ar psid | .No / Aq Ar psid | ||||
.Xc | .Xc | ||||
With | With | ||||
.Ar nat | .Ar nat | ||||
rules, the | rules, the | ||||
.It Ar endpoint-independent | |||||
With | |||||
.Ar nat | |||||
rules, the | |||||
.Ar endpoint-independent | |||||
option caues | |||||
.Xr pf 4 | |||||
to always map connections from a UDP source address and port to the same | |||||
NAT address and port. | |||||
This feature implements "full-cone" NAT behavior. | |||||
.Ar map-e-portset | .Ar map-e-portset | ||||
option enables the source port translation of MAP-E (RFC 7597) Customer Edge. | option enables the source port translation of MAP-E (RFC 7597) Customer Edge. | ||||
In order to make the host act as a MAP-E Customer Edge, setting up a tunneling | In order to make the host act as a MAP-E Customer Edge, setting up a tunneling | ||||
interface and pass rules for encapsulated packets are required in addition | interface and pass rules for encapsulated packets are required in addition | ||||
to the map-e-portset nat rule. | to the map-e-portset nat rule. | ||||
.Pp | .Pp | ||||
For example: | For example: | ||||
.Bd -literal -offset indent | .Bd -literal -offset indent | ||||
▲ Show 20 Lines • Show All 1,143 Lines • Show Last 20 Lines |