diff options
| -rw-r--r-- | share/man/man4/gre.4 | 16 |
1 files changed, 14 insertions, 2 deletions
diff --git a/share/man/man4/gre.4 b/share/man/man4/gre.4 index 329a79e6cbc..7188f5e8414 100644 --- a/share/man/man4/gre.4 +++ b/share/man/man4/gre.4 @@ -1,4 +1,4 @@ -.\" $OpenBSD: gre.4,v 1.34 2011/07/09 04:01:30 deraadt Exp $ +.\" $OpenBSD: gre.4,v 1.35 2012/03/26 19:26:17 claudio Exp $ .\" $NetBSD: gre.4,v 1.10 1999/12/22 14:55:49 kleink Exp $ .\" .\" Copyright 1998 (c) The NetBSD Foundation, Inc. @@ -28,7 +28,7 @@ .\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE .\" POSSIBILITY OF SUCH DAMAGE. .\" -.Dd $Mdocdate: July 9 2011 $ +.Dd $Mdocdate: March 26 2012 $ .Dt GRE 4 .Os .Sh NAME @@ -197,6 +197,18 @@ To return keepalives, the remote host must be configured to forward packets: .Bd -literal -offset indent # sysctl net.inet.ip.forwarding=1 .Ed +.Pp +If +.Xr pf 4 +is enabled then it is necessary to add a pass rule specific for the keepalive +packets. +The rule must use +.Em no state +because the keepalive packet is entering the network stack multiple times. +In most cases the following should work: +.Bd -literal -offset indent +pass quick on gre proto gre no state +.Ed .Sh NOTES The MTU of .Nm |