[Bug 268717] [pf] [ipnat] rdr rules don't work for traffic originating at localhost
Date: Fri, 27 Jan 2023 15:55:50 UTC
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=268717

--- Comment #21 from dfr@rabson.org ---
I don't think it's a feature - if we are not supporting rdr rules where the initial source address is local, then the rule shouldn't match at all. As it is, for both pf and ipnat, the 'outgoing' rule matches, rewriting the destination address and port and creating state, but reply packets never match that state because the firewall does not see the reply packet 'leaving' the network to be delivered to local tcp/udp/whatever.

--
You are receiving this mail because:
You are the assignee for the bug.