[pf] stable/12: block by OS broken
Xin Li
delphij at delphij.net
Thu Feb 18 05:02:00 UTC 2021
Hi,
It appears that some change between 939430f2377 (December 31) and
b4bf7bdeb70 (today) on stable/12 have broken pf in a way that the
following rule:
block in quick proto tcp from any os "Linux" to any port ssh
would get interpreted as:
block drop in quick proto tcp from any to any port = 22
(and block all SSH connection instead of just the ones initiated from
Linux).
Cheers,
-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_signature
Type: application/pgp-signature
Size: 840 bytes
Desc: OpenPGP digital signature
URL: <http://lists.freebsd.org/pipermail/freebsd-net/attachments/20210217/9ecff45b/attachment.sig>
More information about the freebsd-net
mailing list