[Bug 268717] [pf] [ipnat] rdr rules don't work for traffic originating at localhost

From: <bugzilla-noreply_at_freebsd.org>
Date: Wed, 01 Feb 2023 10:54:21 UTC
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=268717

--- Comment #28 from dfr@rabson.org ---
(In reply to Kristof Provost from comment #27)
This is another reason for being conditional on the sysctl. I am open to
alternative suggestions for this but I think we do need to treat the hand-off
to local L4+ processing as a potential filtering event.

I think that Linux iptables makes this clearer, allowing filters to register for
NF_INET_LOCAL_IN or NF_INET_LOCAL_OUT specifically.
