Nino Dehne
2009-05-31 15:24:04 UTC
Hi,
I upgraded my router to 5.0.0_PATCH and somehow pf is borked.
Rules such as
pass in quick on $ext6_if inet6 from any to { $ext6_if_local, $ext6_net }
pass out quick on $ext6_if inet6 from { $ext6_if_local, $ext6_net } to any
get expanded to
pass in quick on gif0 inet6 from any to [...] flags S/SA keep state (if-bound)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
pass in quick on gif0 inet6 from any to [...] flags S/SA keep state (if-bound)
pass out quick on gif0 inet6 from [...] to any flags S/SA keep state (if-bound)
pass out quick on gif0 inet6 from [...] to any flags S/SA keep state (if-bound)
What the hell? Why does it apply TCP flags and state keeping when I didn't
request that anywhere?
Regards
I upgraded my router to 5.0.0_PATCH and somehow pf is borked.
Rules such as
pass in quick on $ext6_if inet6 from any to { $ext6_if_local, $ext6_net }
pass out quick on $ext6_if inet6 from { $ext6_if_local, $ext6_net } to any
get expanded to
pass in quick on gif0 inet6 from any to [...] flags S/SA keep state (if-bound)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
pass in quick on gif0 inet6 from any to [...] flags S/SA keep state (if-bound)
pass out quick on gif0 inet6 from [...] to any flags S/SA keep state (if-bound)
pass out quick on gif0 inet6 from [...] to any flags S/SA keep state (if-bound)
What the hell? Why does it apply TCP flags and state keeping when I didn't
request that anywhere?
Regards
--
Of course it runs NetBSD.
--
Posted automagically by a mail2news gateway at muc.de e.V.
Please direct questions, flames, donations, etc. to news-***@muc.de
Of course it runs NetBSD.
--
Posted automagically by a mail2news gateway at muc.de e.V.
Please direct questions, flames, donations, etc. to news-***@muc.de