Date: Thu, 29 Mar 2018 16:57:53 +0000 From: bugzilla-noreply@freebsd.org To: freebsd-pf@FreeBSD.org Subject: [Bug 226850] [pf] Matching but failed rules block without return Message-ID: <bug-226850-17777-ZwIPNz4UMY@https.bugs.freebsd.org/bugzilla/> In-Reply-To: <bug-226850-17777@https.bugs.freebsd.org/bugzilla/> References: <bug-226850-17777@https.bugs.freebsd.org/bugzilla/>
next in thread | previous in thread | raw e-mail | index | archive | help
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D226850 --- Comment #11 from Ermal Lu=C3=A7i <eri@freebsd.org> --- I misread the issue you are experiencing. I do not see any impact on this apart of either=20 - overloading the set block-policy global to express the global policy. pf already marks as dropped the packets that go through failure paths. - Introduce a new global policy like set failure-return-policy.=20 In both scenarios the underlying implementation does not differ. I am not sure on the added value of having it be controllable per-rule! --=20 You are receiving this mail because: You are the assignee for the bug.=
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-226850-17777-ZwIPNz4UMY>