I'd like to get some feedback on the feasibility of some new features for pf
and the feasibility of them being implemented by the current pf hackers.
For large table support, what do people think of the idea of "read only"
external
tables. For instance, using CDB [http://www.corpit.ru/mjt/tinycd
On Wed, Dec 20, 2006 at 01:35:37PM +1100, Johan Allard wrote:
> echo "pass in on ne3 dup-to (lo1 1.1.12.1) inet all keep state" > /
> etc/pf.conf
> pfctl -e
> pfctl -f /etc/pf.conf
> and the first packet coming in on ne3 will cause a kernel dump, see
> attached screenshot.
I didn't view the sc
Johan Allard wrote:
Hi there,
I just managed to get a kernel dump on a basic clean installed OpenBSD
4.0 with the following settings:
ifconfig lo1 create
ifconfig lo1 inet 1.1.12.1 netmask 255.255.255.0
echo "pass in on ne3 dup-to (lo1 1.1.12.1) inet all keep state" >
/etc/pf.conf
pfctl -
On Wed, Dec 20, 2006 at 01:35:37PM +1100, Johan Allard wrote:
> any idea why this caused this panic?
Can you try the patch below?
If it still panics, please include the panic message in the screenshot
(the first couple of lines got cut off).
Daniel
Index: pf.c
=
