Get RID of the multi threading patch in FreeBSDs version of PF
Kurt Jaeger
lists at opsec.eu
Sun Dec 7 10:57:20 UTC 2014
Hi!
> On 12/5/2014 6:09 PM, Martin Hanson wrote:
> > Has any important bugs been fixed in PF on OpenBSD since the current
> > port in FreeBSD that actually makes the current PF in FreeBSD
> > "dangerous" to run with?
>
> FreeBSD's pf is broken for IPv6. Its lack of fragment support means a
> FreeBSD breaks EDNS0 and other large-packet protocols that rely on
> fragment headers.
This was fixed recently as far as I understand.
Have a look at
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=179392
and
https://svnweb.freebsd.org/changeset/base/274709
--
pi at opsec.eu +49 171 3101372 6 years to go !
More information about the freebsd-pf
mailing list