The patch works as expected. The prefixed no scrub rules. Thank you very much Daniel,
Daniel Hartmeier wrote: > You can try the patch below, or alternatively make sure the positive > scrub rules do not include $LAB_NFS_SERVERS, as a workaround, like > > scrub in from ! $LAB_NFS_SERVERS to ! $LAB_NFS_SERVERS > scrub out from ! $LAB_NFS_SERVERS to ! $LAB_NFS_SERVERS > > Daniel > > > Index: pf_norm.c > =================================================================== > RCS file: /cvs/src/sys/net/pf_norm.c,v > retrieving revision 1.98 > diff -u -r1.98 pf_norm.c > --- pf_norm.c 21 May 2005 21:03:57 -0000 1.98 > +++ pf_norm.c 21 May 2005 22:41:11 -0000 > @@ -849,7 +849,7 @@ > break; > } > > - if (r == NULL) > + if (r == NULL || r->action == PF_NOSCRUB) > return (PF_PASS); > else > r->packets++; > @@ -1067,7 +1067,7 @@ > break; > } > > - if (r == NULL) > + if (r == NULL || r->action == PF_NOSCRUB) > return (PF_PASS); > else > r->packets++; >
