From owner-freebsd-pf@freebsd.org Sun Dec 18 13:33:21 2016 Return-Path: Delivered-To: freebsd-pf@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 8148EC86482 for ; Sun, 18 Dec 2016 13:33:21 +0000 (UTC) (envelope-from zaphod@berentweb.com) Received: from mail-wm0-x242.google.com (mail-wm0-x242.google.com [IPv6:2a00:1450:400c:c09::242]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 206E1C54 for ; Sun, 18 Dec 2016 13:33:20 +0000 (UTC) (envelope-from zaphod@berentweb.com) Received: by mail-wm0-x242.google.com with SMTP id m203so13888820wma.3 for ; Sun, 18 Dec 2016 05:33:20 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=berentweb-com.20150623.gappssmtp.com; s=20150623; h=sender:date:from:to:subject:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=L5X7+COCA/z6HvL7EC8Vz7w7VA3mwkPiDUt+IHapkrU=; b=cX5x9oU9csvwPH8/ABOWBcecQDuuUAL1jt7ECtbagapK7zZrnLzJUFbMXBj2K0WTH8 N7Pt47VRHenKgitvABSp7KoojWwHkQPVo7wT2TqLwMgZcJbrwdKtjEUpjy1ayB/AwA68 XxvXeuBFlw55aHDIiM3wOYU8WEmTtE/jA2ONwv+8zZA4y3F0HEafshWIcbNQ8hLSxEvb iBZIB9g2f+0fNVraFdY0QoiCvo7ErSW0dHOqkeybDZxEDKuExPrmBNlQB0xHu5SpdrmP FfqzkgSgU4REr9+X51k9iKCTk/hjjXhZeDkQ1KKP+Hh6JjB31XNf2mCiDtnv6NkvaWG/ o9LA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:sender:date:from:to:subject:message-id :in-reply-to:references:mime-version:content-transfer-encoding; bh=L5X7+COCA/z6HvL7EC8Vz7w7VA3mwkPiDUt+IHapkrU=; b=IqtyySx9PoYpbvfg3ZVRLwjhbsEKsJiHaEw5U+0XP2jJ6yAQtsqQbm+Lg7WSmFsuPO KTklJFQoo0D7Gq+Z20MLKe5QkNtLBmqxKOKDzZmFoJ6Fw6kOvJujXqojV1TS8ii+VeEm 85Hg4XFfvWvHxzqXZE+mS3Alh9XEoAKEfstcJp8zU/0KHH/qc9vbDmaerCe2ysown2iA ZG2e4TnJYwzfZY0phca6krlgfbIw4PrImd7vsJ9KXtyKU779pOJpUo/+A+XZAFb1UzXt 5ETYhoQ/vU7ZtRHGS6dLfn4srHcNkH4MyM6APj3UeZfFiqpnkPH6jDxHaBIkwl4PMMyK GHSg== X-Gm-Message-State: AIkVDXKSZxVe8BFk6gqYY4MUx8TZjRe0AxhXVuPJU3ZkJXe6+lqMnP3bn1zoDL9MW6N6VA== X-Received: by 10.28.12.80 with SMTP id 77mr10830147wmm.106.1482067999035; Sun, 18 Dec 2016 05:33:19 -0800 (PST) Received: from rsbsd.rsb ([78.183.218.80]) by smtp.gmail.com with ESMTPSA id 135sm12590265wmh.14.2016.12.18.05.33.17 for (version=TLS1_2 cipher=ECDHE-RSA-CHACHA20-POLY1305 bits=256/256); Sun, 18 Dec 2016 05:33:17 -0800 (PST) Sender: "Raif S. Berent" Date: Sun, 18 Dec 2016 16:33:13 +0300 From: Beeblebrox To: freebsd-pf@freebsd.org Subject: PF TAGged jail traffic fails pass rule on egress Message-ID: <20161218163313.01fbc51e@rsbsd.rsb> In-Reply-To: <20161207171021.607579ea@rsbsd.rsb> References: <20161207171021.607579ea@rsbsd.rsb> MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable X-BeenThere: freebsd-pf@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: "Technical discussion and general questions about packet filter \(pf\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 18 Dec 2016 13:33:21 -0000 Ian - thanks for the answer. I already have pflog enabled on wan0 (egress), but nothing of value there. After your ide re " no actual packets on lo2" I ran tcpdump on that interfa= ce; indeed no traffic shows up. I moved the jails to a new vlan1 with /24 subnet, with x.x.0.1 empty and ja= ils starting from x.x.0.2/32. This obviously facilitates NAT from pf in tha= t NAT is now not needed for inter-jail communication. However, nothing changes for the greater problem of packet tagging as "tcpd= ump -i vlan1" shows no packet traversal as was the case on lo2. I also real= ised that since pf.conf has: nat on wan0 from !(wan0) to any -> wan0 Attempts to tag packets post-nat is useless because source-ip (jail) has be= en replaced by the ip of wan0. This seems to leave me with limited choices 1. NAT & TAG each jail separately (ie: nat pass on wan0 from $jdns to any t= ag TD -> wan0) 2. Use a single tag for all packets leaving vlan1 so as to simplify the nat= rules Neither which offers a satisfactory configuration because of other complica= tions each solution causes. As reminder: Ultimate goal is to allow only pre= -defined port traffic per jail. I can't find a simpler way than TAGGING to = accomplish this. PS I've also found that the OpenBSD syntax "!(tagged )" is not recognised = on FreeBSD... Thanks & Regards --=20 FreeBSD_amd64_11-Stable_RadeonKMS Please CC my email when responding, mail from list is not delivered. From owner-freebsd-pf@freebsd.org Sun Dec 18 20:39:28 2016 Return-Path: Delivered-To: freebsd-pf@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 092D1C87602 for ; Sun, 18 Dec 2016 20:39:28 +0000 (UTC) (envelope-from zaphod@berentweb.com) Received: from mail-wm0-x241.google.com (mail-wm0-x241.google.com [IPv6:2a00:1450:400c:c09::241]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id A6A1913CA for ; Sun, 18 Dec 2016 20:39:27 +0000 (UTC) (envelope-from zaphod@berentweb.com) Received: by mail-wm0-x241.google.com with SMTP id u144so15257242wmu.0 for ; Sun, 18 Dec 2016 12:39:27 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=berentweb-com.20150623.gappssmtp.com; s=20150623; h=sender:date:from:to:subject:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=KhE4per+sXaYauz8vxFmoKkrcaoEsKUZqitwo5JUmgE=; b=TgxXhuATpvQ1BAyYx3XL+AMOV2bMhoZNOk45oTjejc6T48DpdknSDZ/kxprOnBTxQu +JMd4ip+Ub9T/MWRUgSwWq9SoyRXk7O26mrtdFKEVbraO0YtY5E8RyHCf35xABeK89av jPfU5t/pGbTBuo8aF7B2fBvmNbW8G5hZCd3U0RN+minSDV1WRWOHZdSHNRnP/qfq/t/B t/1zvDOLI10vHCrXWuiVuTyApA3D5Cc1UhWjuksoTziO2P8RKf4kQheiyqxAkUzcHn6Q enWU/obEeam6mOJGkRfcJGKRRl2fvHpWknh+cP23mWG//6Rr4B5UzCwlZT7ceUH5ZCP7 IyUw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:sender:date:from:to:subject:message-id :in-reply-to:references:mime-version:content-transfer-encoding; bh=KhE4per+sXaYauz8vxFmoKkrcaoEsKUZqitwo5JUmgE=; b=acjFrFaFQ2PO3qp5gUKie4c5vo99xY5OXdE7ooQnrVtjMIh4qhgce+rTmDd3aD98bB fLPliDX+z7vOiFSnAPs481Ylx+fTWMC0KQTN48HhxfbBaJRQt2n1zoOrZ5t4nozy+y22 5ZUxbTy2yt4kMk7nntf25u0v+gyvHQgXti43cAOkQsrQHmSeVTqEFjuxmmR2f6A8bNeY zWBp+lzGVLc0DWBXhdTKK2F/L0MJpgNFT1P8aMEuXov3Go1d91rdustvGiJ45vabjbBt vmhyOJKtngVobcPh6W7ozkcAw/0DJhDHo7OszP8thL0kmT9OZQfQY+jpxbQjgrxbyln6 jMcw== X-Gm-Message-State: AIkVDXIFVcX7pAIZDC778HgD0b16mXE0YuBhJZIxriwq4GXXn0F9oAHYI32Ixaa7LSB0EA== X-Received: by 10.28.60.194 with SMTP id j185mr10212244wma.33.1482093564584; Sun, 18 Dec 2016 12:39:24 -0800 (PST) Received: from rsbsd.rsb ([78.183.218.80]) by smtp.gmail.com with ESMTPSA id r138sm13973158wme.9.2016.12.18.12.39.22 for (version=TLS1_2 cipher=ECDHE-RSA-CHACHA20-POLY1305 bits=256/256); Sun, 18 Dec 2016 12:39:23 -0800 (PST) Sender: "Raif S. Berent" Date: Sun, 18 Dec 2016 23:39:21 +0300 From: Beeblebrox To: freebsd-pf@freebsd.org Subject: Re: PF TAGged jail traffic fails pass rule on egress Message-ID: <20161218233921.4455c466@rsbsd.rsb> In-Reply-To: <20161218163313.01fbc51e@rsbsd.rsb> References: <20161207171021.607579ea@rsbsd.rsb> <20161218163313.01fbc51e@rsbsd.rsb> MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable X-BeenThere: freebsd-pf@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: "Technical discussion and general questions about packet filter \(pf\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 18 Dec 2016 20:39:28 -0000 Correction to previous message; should be: > After your ideA re "no actual packets on lo2" I ran tcpdump on that > interface; indeed no traffic shows up. I moved the jails to a new > vlan1 ON WAN0 (INSTEAD OF LO0) with /24 subnet, with x.x.0.1 empty and > jails starting from x.x.0.2/32. This obviously facilitates NAT from > pf in that NAT is now not needed for inter-jail communication. > However, nothing changes for the greater problem of packet tagging as > "tcpdump -i vlan1" shows no packet traversal as was the case on lo2. So now, jails are on a vlan hosted on wan0 (egress) but tcpdump still shows= no packet traversal on that interface. hardware driver is re : wan0: flags=3D8843 metric 0 mtu 1500 options=3D8209b inet 192.168.1.10 netmask 0xffffff00 broadcast 192.168.1.255=20 media: Ethernet autoselect (100baseTX ) --=20 FreeBSD_amd64_11-Stable_RadeonKMS Please CC my email when responding, mail from list is not delivered. From owner-freebsd-pf@freebsd.org Sun Dec 18 21:00:46 2016 Return-Path: Delivered-To: freebsd-pf@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 805BDC87E28 for ; Sun, 18 Dec 2016 21:00:46 +0000 (UTC) (envelope-from bugzilla-noreply@FreeBSD.org) Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2001:1900:2254:206a::16:76]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 5BE011B11 for ; Sun, 18 Dec 2016 21:00:46 +0000 (UTC) (envelope-from bugzilla-noreply@FreeBSD.org) Received: from bugs.freebsd.org ([127.0.1.118]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id uBIL01km091064 for ; Sun, 18 Dec 2016 21:00:46 GMT (envelope-from bugzilla-noreply@FreeBSD.org) Message-Id: <201612182100.uBIL01km091064@kenobi.freebsd.org> From: bugzilla-noreply@FreeBSD.org To: freebsd-pf@FreeBSD.org Subject: Problem reports for freebsd-pf@FreeBSD.org that need special attention Date: Sun, 18 Dec 2016 21:00:46 +0000 X-BeenThere: freebsd-pf@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: "Technical discussion and general questions about packet filter \(pf\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 18 Dec 2016 21:00:46 -0000 To view an individual PR, use: https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=(Bug Id). The following is a listing of current problems submitted by FreeBSD users, which need special attention. These represent problem reports covering all versions including experimental development code and obsolete releases. Status | Bug Id | Description ------------+-----------+--------------------------------------------------- Open | 203735 | Transparent interception of ipv6 with squid and p 1 problems total for which you should take action. From owner-freebsd-pf@freebsd.org Tue Dec 20 02:46:46 2016 Return-Path: Delivered-To: freebsd-pf@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 5CF2BC891AE for ; Tue, 20 Dec 2016 02:46:46 +0000 (UTC) (envelope-from ian.freislich@capeaugusta.com) Received: from mail-yb0-x22a.google.com (mail-yb0-x22a.google.com [IPv6:2607:f8b0:4002:c09::22a]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 228771D42 for ; Tue, 20 Dec 2016 02:46:45 +0000 (UTC) (envelope-from ian.freislich@capeaugusta.com) Received: by mail-yb0-x22a.google.com with SMTP id d59so62528355ybi.1 for ; Mon, 19 Dec 2016 18:46:45 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=capeaugusta-com.20150623.gappssmtp.com; s=20150623; h=subject:to:references:from:message-id:date:user-agent:mime-version :in-reply-to; bh=g9cMG37IG2xM7LKcBVvnxlXjKCpLOX3LCtYsmSRbI+4=; b=u5CnFZFac+HueRjj8Bapw1hYrx/EaI8ckG2HFL1sKO7x4iIfsO/KVMYeVB0pb5JTjD QRpJJeiUIE2LOqUvfc6KXwRvT9iXxDFoVbN9TYLpp0FVNrQGeh7HFGj2uo88QGQm+fZ1 B4M9QO8DqVyff4SndaOeB+E+y2mBjEPajESeEGsUev44XenChLAwFifXkEHACmznqip2 vzWgGMy7Ca8PJunLKw5uGWaqMTh60/2kzsH5BI/vq4H43Vn1vP/RTvBNBGE3LC2C4GI3 tJxRQdhpYPOIwM/icuk2aePO5H7WVKjQ25woChwQack87pV0kl5bcL8CqDESclGvJKCZ bj5g== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:subject:to:references:from:message-id:date :user-agent:mime-version:in-reply-to; bh=g9cMG37IG2xM7LKcBVvnxlXjKCpLOX3LCtYsmSRbI+4=; b=fYvYW3D5o07AG4d9UZorAqkkwzceVQycHW2Rcb8GbYLeACHiAMSW6XotkKQKFCMcMB DePrYXRvHu4AoE556ceq3YUULWJjlwM7n4ecDZEG9TYAExNUDZsVEn3NSHPU5a03yukt kdMipEYbsfQuFWpNlfbyosFcfu7vm1J4JYdFIYtz70pgB3L8ue7largrLO6DJP8YWSsc to/vTwJ7U69HUvQ5kPNZlqGc77h2ikVALO+/bUEpiMqNBLkHBJ429st5Lt9tLXc3robw umO3HL3jifLRk5gF6jkE6yCvZvQ1yEbQtfy1zuhDSvsjgHFI1sKZNqwjpE1sdnLJl4VQ B6bg== X-Gm-Message-State: AIkVDXLowzvaOh1GhGhO/b1JgxMcug2si2dDO3OnCrW1SAQK72xWnUTy2hMiyLHK6Dfnt1yzrLdAWLJ8e7XXjRqAa/S2oM359GNEtrsgFJUGa6xuTy2Vt/rZGap8PtzCyZkh4hHl8erh8zHQl3p8sK7sj4Y5zHCg5hQ0kp2r3VWf8J8omzkTeCQmAlBPiVii3AGRRw== X-Received: by 10.37.14.3 with SMTP id 3mr1904150ybo.106.1482202004697; Mon, 19 Dec 2016 18:46:44 -0800 (PST) Received: from zen.clue.co.za (c-73-20-181-123.hsd1.ga.comcast.net. [73.20.181.123]) by smtp.gmail.com with ESMTPSA id m123sm8649829ywf.26.2016.12.19.18.46.43 for (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Mon, 19 Dec 2016 18:46:44 -0800 (PST) Subject: Re: PF TAGged jail traffic fails pass rule on egress To: freebsd-pf@freebsd.org References: <20161207171021.607579ea@rsbsd.rsb> <20161218163313.01fbc51e@rsbsd.rsb> <20161218233921.4455c466@rsbsd.rsb> From: Ian FREISLICH Message-ID: Date: Mon, 19 Dec 2016 21:46:42 -0500 User-Agent: Mozilla/5.0 (X11; FreeBSD amd64; rv:45.0) Gecko/20100101 Thunderbird/45.5.1 MIME-Version: 1.0 In-Reply-To: <20161218233921.4455c466@rsbsd.rsb> Content-Type: text/plain; charset=windows-1252 X-BeenThere: freebsd-pf@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: "Technical discussion and general questions about packet filter \(pf\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 20 Dec 2016 02:46:46 -0000 I do not know enough about how jails and their networking work to be much more help. I'd suggest reading up on how the network is handled for jails. IPFW can filter based on jail ID. I don't know if that will you. Ian -- Ian Freislich On 12/18/16 15:39, Beeblebrox via freebsd-pf wrote: > Correction to previous message; should be: >> After your ideA re "no actual packets on lo2" I ran tcpdump on that >> interface; indeed no traffic shows up. I moved the jails to a new >> vlan1 ON WAN0 (INSTEAD OF LO0) with /24 subnet, with x.x.0.1 empty and >> jails starting from x.x.0.2/32. This obviously facilitates NAT from >> pf in that NAT is now not needed for inter-jail communication. >> However, nothing changes for the greater problem of packet tagging as >> "tcpdump -i vlan1" shows no packet traversal as was the case on lo2. > So now, jails are on a vlan hosted on wan0 (egress) but tcpdump still shows no packet traversal on that interface. hardware driver is re : > wan0: flags=8843 metric 0 mtu 1500 > options=8209b > inet 192.168.1.10 netmask 0xffffff00 broadcast 192.168.1.255 > media: Ethernet autoselect (100baseTX ) > -- Cape Augusta Digital Properties, LLC a Cape Augusta Company *Breach of confidentiality & accidental breach of confidentiality * This email and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. If you have received this email in error please notify the system manager. This message contains confidential information and is intended only for the individual named. If you are not the named addressee you should not disseminate, distribute or copy this e-mail. Please notify the sender immediately by e-mail if you have received this e-mail by mistake and delete this e-mail from your system. If you are not the intended recipient you are notified that disclosing, copying, distributing or taking any action in reliance on the contents of this information is strictly prohibited. From owner-freebsd-pf@freebsd.org Thu Dec 22 19:54:01 2016 Return-Path: Delivered-To: freebsd-pf@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 3C9C8C8D6DA for ; Thu, 22 Dec 2016 19:54:01 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2001:1900:2254:206a::16:76]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 1E84C166C for ; Thu, 22 Dec 2016 19:54:01 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from bugs.freebsd.org ([127.0.1.118]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id uBMJs02W066083 for ; Thu, 22 Dec 2016 19:54:00 GMT (envelope-from bugzilla-noreply@freebsd.org) From: bugzilla-noreply@freebsd.org To: freebsd-pf@FreeBSD.org Subject: [Bug 198868] pf brakes tcp checksum if enabled for ue adapter Date: Thu, 22 Dec 2016 19:54:00 +0000 X-Bugzilla-Reason: CC X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Base System X-Bugzilla-Component: kern X-Bugzilla-Version: 10.1-RELEASE X-Bugzilla-Keywords: X-Bugzilla-Severity: Affects Only Me X-Bugzilla-Who: hiren@FreeBSD.org X-Bugzilla-Status: Closed X-Bugzilla-Resolution: Unable to Reproduce X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: kp@freebsd.org X-Bugzilla-Flags: mfc-stable9+ mfc-stable10+ X-Bugzilla-Changed-Fields: resolution bug_status cc Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated MIME-Version: 1.0 X-BeenThere: freebsd-pf@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: "Technical discussion and general questions about packet filter \(pf\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 22 Dec 2016 19:54:01 -0000 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D198868 Hiren Panchasara changed: What |Removed |Added ---------------------------------------------------------------------------- Resolution|--- |Unable to Reproduce Status|In Progress |Closed CC| |hiren@FreeBSD.org --- Comment #14 from Hiren Panchasara --- Agreed upon by kp@. --=20 You are receiving this mail because: You are on the CC list for the bug.= From owner-freebsd-pf@freebsd.org Thu Dec 22 20:06:16 2016 Return-Path: Delivered-To: freebsd-pf@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id E2BECC8DE22 for ; Thu, 22 Dec 2016 20:06:16 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2001:1900:2254:206a::16:76]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id D289C165 for ; Thu, 22 Dec 2016 20:06:16 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from bugs.freebsd.org ([127.0.1.118]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id uBMK6GQV030070 for ; Thu, 22 Dec 2016 20:06:16 GMT (envelope-from bugzilla-noreply@freebsd.org) From: bugzilla-noreply@freebsd.org To: freebsd-pf@FreeBSD.org Subject: [Bug 213736] pf: hardcoded if_output skips ip[6]_output and pfil order Date: Thu, 22 Dec 2016 20:06:17 +0000 X-Bugzilla-Reason: AssignedTo X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Base System X-Bugzilla-Component: kern X-Bugzilla-Version: CURRENT X-Bugzilla-Keywords: X-Bugzilla-Severity: Affects Only Me X-Bugzilla-Who: franco@opnsense.org X-Bugzilla-Status: New X-Bugzilla-Resolution: X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: freebsd-pf@FreeBSD.org X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated MIME-Version: 1.0 X-BeenThere: freebsd-pf@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: "Technical discussion and general questions about packet filter \(pf\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 22 Dec 2016 20:06:17 -0000 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D213736 --- Comment #1 from Franco Fichtner --- Review available at https://reviews.freebsd.org/D8877 --=20 You are receiving this mail because: You are the assignee for the bug.=