https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=127920
[email protected] changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |[email protected] --- Comment #5 from [email protected] --- The issue is also present in FreeBSD 10. What happens is that when synproxy code sents a SYN+ACK reply to client's SYN packet, it gets dropped here: sys/netpfil/pf/pf.c: 4153 if ((*state)->src.state == PF_TCPS_PROXY_SRC) { 4154 if (direction != (*state)->direction) { 4155 REASON_SET(reason, PFRES_SYNPROXY); 4156 return (PF_SYNPROXY_DROP); 4157 } I'm a bit surprised why it does not happen for IPv4 though, unless direction is wrong or the IPv4 packet does not match existing state. -- You are receiving this mail because: You are the assignee for the bug. _______________________________________________ [email protected] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-pf To unsubscribe, send any mail to "[email protected]"
