pass in on $wlan_if dup-to ($dup_if $dup_adr)
pass out on $ext_if
Now, when I connect to the wireless network (hostap on ral0) and then
ping a host in the bridged network, I will see one icmp request and one
icmp reply on ral0 (tcpdump -i ral0) as expected, but on re1 (=the
dup-to destination interface) I will see one icmp request but two icmp
The tcpdump timestamp for the second duplicated reply packet is just one
millionth younger than the first duplicated reply packet
(00:00:00.000000 vs 00:00:00.000001).
when I change pf.conf to
pass in on $wlan_if
pass out on $ext_if dup-to ($dup_if $dup_adr)
-> now duplicating all packtes that leave $ext_if instead of duplicating
all packets that enter $wlan_if, the icmp request gets duplicated twice
instead of the rely!
Same thing with dns lookups.
Any ideas if I'm completely misunderstanding the concept of dup-to or
what's going wrong or how to provide more information?