https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=237477
Bug ID: 237477
Summary: kernel option PF_DEFAULT_TO_DROP breaks rdr rules with
pass keyword.
Product: Base System
Version: 12.0-RELEASE
Hardware: amd64
OS: Any
Status: New
Severity: Affects Some People
Priority: ---
Component: kern
Assignee: b...@freebsd.org
Reporter: mickey...@gmx.net
Using a custom kernel built with
options PF_DEFAULT_TO_DROP
seems to prevent rdr rules that have an explicit pass keyword specified from
functioning as intended. i.e.
rdr pass log on $int_if inet proto tcp to port 4242 -> 127.0.0.1 port 4242
This rule should redirect and pass tcp traffic arriving on the internal
interface and destined for port 4242 to 127.0.0.1 port 4242. The log shows that
the rule is matched and applied, but the traffic never makes it to it's
intended destination. Using a kernel built without the option
PF_DEFAULT_TO_DROP the rule works as intended and passes the traffic through.
--
You are receiving this mail because:
You are the assignee for the bug.
___
freebsd-bugs@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-bugs
To unsubscribe, send any mail to "freebsd-bugs-unsubscr...@freebsd.org"
