Le samedi 08 mai 2021 à 12:07 +0200, Bastien Durel a écrit : > Le 08/05/2021 à 11:56, Stuart Henderson a écrit : > > > > Does it work if you use the syntax suggested in the upgrade > > > > notes > > > > for the example with "pass in on pppoe1 reply-to ..."? > > > > > > > > > > > For incoming connections, I tried > > > > > > pass in on pppoe0 inet6 reply-to fe80::520f:80ff:fe65:8800%pppoe0 > > > keep state > > > pass in on pppoe0 inet6 reply-to fe80::520f:80ff:fe65:8800 keep > > > state
Hello, Thanks to folks of #openbsd, I found out adding an explicit route to fe80::520f:80ff:fe65:8800 on pppoe0 make this work. Referencing fe80::520f:80ff:fe65:8800%pppoe0 in pf.conf results in a rule referencing fe80::520f:80ff:fe65:8800 pf.conf: pass in on pppoe0 inet6 reply-to fe80::520f:80ff:fe65:8800%pppoe0 pfctl -s rules: pass in on pppoe0 inet6 all flags S/SA reply-to fe80::520f:80ff:fe65:8800 hostname.pppoe0: !/sbin/route add -inet6 fe80::520f:80ff:fe65:8800 -ifp pppoe0 fe80::%pppoe0 This make pf able to route to the correct interface. Regards, -- Bastien
