pf synproxy broken
Yuriy N. Shkandybin
jura at networks.ru
Thu Oct 6 00:13:31 PDT 2005
Hello.
Please look at PR 86072.
I've confirmed that this issue exists in the latest STABLE and HEAD.
How it looks:
1) without synproxy
telnet localhost 22
Trying ::1...
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
SSH-2.0-OpenSSH_4.2p1 FreeBSD-20050903
2) with synproxy
pass in log on lo0 proto tcp from any to any port 22 flags S/SA synproxy state
telnet localhost 22
Trying ::1...
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
That's all, no actual connection.
netstat:
tcp4 0 0 127.0.0.1.45427 127.0.0.1.22 ESTABLISHED
pfctl -s state
self tcp 127.0.0.1:22 <- 127.0.0.1:45427 PROXY:DST
Jura