Hello, > Thanks for the patch, we'll be investigating this further. my deep apologize, I was too fast on send trigger. the patch is toxic. It breaks the opposite case:
pass out on vnet2 all flags S/SA
once rule above is used with patch applied we drop the first
ICMP reply, so ping stops to work completely.
as you've said:
> This needs a much closer look, but it might be a result of a bad
I need to study PF source code more...
sorry for extra noise.
regards
sasha
