Hello,
On Thu, Oct 20, 2016 at 08:45:09PM +0200, Alexander Bluhm wrote:
> On Fri, Sep 30, 2016 at 11:55:48PM +0200, Alexandr Nedvedicky wrote:
> > The patch makes PF to send 'challenge ACK' for SYN packet, which matches
> > session in established state.
>
> regress/sys/net/pf_forward has found a
On Fri, Sep 30, 2016 at 11:55:48PM +0200, Alexandr Nedvedicky wrote:
> The patch makes PF to send 'challenge ACK' for SYN packet, which matches
> session in established state.
regress/sys/net/pf_forward has found a bug in your code. Looks
like the route-to feature was affected. By splitting the
On Fri, Sep 30, 2016 at 11:55:48PM +0200, Alexandr Nedvedicky wrote:
> The patch makes PF to send 'challenge ACK' for SYN packet, which matches
> session in established state.
The pf diff is OK bluhm@
> The patch also comes with test case. I've just learned it's bit tricky
> to use scapy for
Hello,
patch below makes life easier for clients, which always use same source port,
when talking to server (e.g. think of NFS). The scenario we are dealing with
is as follows:
- client mounts remote NFS share
- there is a PF sitting between client and NFS server. the mount