[Bug 260973] pf: firewall rules stop matching when vnet jails share interface names with the host

In reply to: bugzilla-noreply_a_freebsd.org: "[Bug 260973] pf: firewall rules stop matching when vnet jails share interface names with the host"
Go to: [ bottom of page ] [ top of archives ] [ this month ]

From: <bugzilla-noreply_at_freebsd.org>
Date: Thu, 06 Jan 2022 09:56:56 UTC

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=260973

--- Comment #2 from Thomas Steen Rasmussen / Tykling <thomas@gibfest.dk> ---
This statement

- Rebooting with four jails plus the above ruleset enabled means never getting
any contact to the server at all (ie. the problem manifests from boot).

is not true, my testing was off. The problem only shows up when vnet jails with
the same interface names as on the host are stopped/restarted. This also
explains why I had such a hard time reproducing it right after a reboot. It
only happens when a jail has been started and is then stopped (or restarted)

This fits the problem description in
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=185619 perfectly

-- 
You are receiving this mail because:
You are the assignee for the bug.