Date: Mon, 01 Feb 2021 15:31:22 +0000 From: bugzilla-noreply@freebsd.org To: pf@FreeBSD.org Subject: [Bug 253164] reply-to in PF brokens after upgrade from 12.1 to 12.2 Message-ID: <bug-253164-16861-NrQIuHdqTV@https.bugs.freebsd.org/bugzilla/> In-Reply-To: <bug-253164-16861@https.bugs.freebsd.org/bugzilla/>
index | next in thread | previous in thread | raw e-mail
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=253164 --- Comment #2 from skeletor@lissyara.su --- pass in on $ext_if_1 reply-to ($ext_if_1 $gw_1) inet proto tcp to ($ext_if_1) port { $tcp_svc } tag EXT_IF_A pass in on $ext_if_1 inet proto tcp from ($ext_if_1:network) to ($ext_if_1) port { $tcp_svc } tag EXT_IF_A # Lan4ever pass in on $ext_if_2 reply-to ($ext_if_2 $gw_2) inet proto tcp to ($ext_if_2) port { $tcp_svc } tag EXT_IF_B pass in on $ext_if_2 inet proto tcp from ($ext_if_2:network) to ($ext_if_2) port { $tcp_svc } tag EXT_IF_B pass in quick from ($ext_if_1:network) tagged EXT_IF_A keep state pass in quick reply-to ($ext_if_1 $gw_1) tagged EXT_IF_A keep state pass in quick from ($ext_if_2:network) tagged EXT_IF_B keep state pass in quick reply-to ($ext_if_2 $gw_2) tagged EXT_IF_B keep state pass out route-to ($ext_if_1 $gw_1) inet from ($ext_if_1) keep state pass out route-to ($ext_if_2 $gw_2) inet from ($ext_if_2) keep state This rule set for TCP, but the same behaviour and for UDP too. When I use tcpdump, reply packets appear on the interface, which point to the default GW. On the FreeBSD 12.1 reply packets appears on the interface which they came from. Do you need more details? -- You are receiving this mail because: You are the assignee for the bug.help
Want to link to this message? Use this
URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-253164-16861-NrQIuHdqTV>