[Bug 215041] [pf] Handshake to certain (fixed) hosts is dropped

bugzilla-noreply at freebsd.org bugzilla-noreply at freebsd.org
Thu Dec 15 09:03:05 UTC 2016


https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=215041

--- Comment #3 from bsd at ddh.de1.cc ---
Update: The problem seems to center on the line "pass [log] all". When I
comment out the line and do "pfctl -F all -f configfile", the handshake to
185.60.115.40:443 works. Comment it in again, flush/reload, and the handshakes
disappear again.

Same story with a slightly bigger config:

int_if="em0"
ext_if="re0"

rdr on $int_if inet proto tcp from any to any port www -> 127.0.0.1 port 3128

pass in quick on $int_if route-to lo0 inet proto tcp from any to 127.0.0.1 port 3128 keep state
pass all

-> Handshakes get dropped. Remove the "pass all", handshakes work.


Is this some intricacy of the rule syntax I'm missing or a legit bug?


PS: Sorry for not testing this earlier, a "pass all" ruleset seemed too minimal
to have any effect...

-- 
You are receiving this mail because:
You are the assignee for the bug.

