[Bug 238796] ipfilter: fix unremovable rules and rules checksum for comparison
bugzilla-noreply at freebsd.org
bugzilla-noreply at freebsd.org
Wed Jul 10 03:40:24 UTC 2019
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=238796
--- Comment #14 from WHR <msl0000023508 at gmail.com> ---
Good news. I has reproduced this bug in a FreeBSD 13.0-CURRENT r349753 testing
VM.
The steps are:
kldload ipl.ko
ifconfig tun0 plumb
ifconfig tun1 plumb
echo "pass in quick reply-to tun0:10.1.1.1 on tun0 proto tcp from any to
10.1.1.11 port = 22 flags S/FSRPAU keep state" | ipf -f -
echo "pass in quick reply-to tun1:10.1.2.1 on tun1 proto tcp from any to
10.1.2.11 port = 22 flags S/FSRPAU keep state" | ipf -f -
echo "pass in quick reply-to tun0:10.1.1.1 on tun0 proto tcp from any to
10.1.1.11 port = 22 flags S/FSRPAU keep state" | ipf -f -
ipfstat -Rion
echo "pass in quick route-to tun1:10.1.2.1 on em0 proto tcp from 10.0.3.63 to
any" | ipf -f -
echo "pass in quick route-to tun0:10.1.1.1 on em0 proto tcp from 10.0.3.64 to
any port = 23" | ipf -f -
echo "pass in quick reply-to tun0:10.1.1.1 on tun0 proto tcp from any to
10.1.1.11 port = 22 flags S/FSRPAU keep state" | ipf -f -
ipfstat -Ri
ipfstat -Ri | ipf -f -
Please tell if you want the VM configuration or the disk image.
--
You are receiving this mail because:
You are on the CC list for the bug.
More information about the freebsd-net
mailing list