Date: Wed, 28 Nov 2018 12:09:14 +0000
From: bugzilla-noreply@freebsd.org
To: pf@FreeBSD.org
Subject: [Bug 233581] Bugg in PF or in PF man-page?
Message-ID: <bug-233581-16861-nuhL6pGczY@https.bugs.freebsd.org/bugzilla/>
In-Reply-To: <bug-233581-16861@https.bugs.freebsd.org/bugzilla/>
References: <bug-233581-16861@https.bugs.freebsd.org/bugzilla/>

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=233581

--- Comment #2 from peos42 <peo_s@incedo.org> ---
vtnet0 has one IPv4 and one IPv6 address on it.
All jails use shared IP stack. No vnet...

This is a snippet from the pf.conf in the main host. As this is a new host, I
have not had the time to add variables into it...

Let us assume the vtnet0 IPv4 IP is 1.2.3.4

--snip--
set skip on lo0
block all
pass out quick on { lo0 vtnet0 } inet proto {tcp gre esp udp icmp ipv6} all keep state
pass out quick on { lo0 vtnet0 } inet6 proto {tcp gre esp udp icmp6} all keep state
pass out quick on { lo0 vtnet0 } inet6 all keep state
-- REST OF PASS RULES CUT OUT --
pass in quick on lo0 inet proto tcp from 1.2.3.4 to 1.2.3.4 port 953 flags S/SAFR keep state
--snip--

In the "DNS" jail, rndc refuses to work unless the last rule within the snippet
above is added.

So named.conf in the jail has controls to the 1.2.3.4 IP and rndc.conf has
default listener conf set to 1.2.3.4 instead of 127.0.0.1

/Peo

--
You are receiving this mail because:
You are the assignee for the bug.