Date:      Thu, 01 Oct 2020 14:16:12 +0000
From:      bugzilla-noreply@freebsd.org
To:        net@FreeBSD.org
Subject:   [Bug 248474] if_ipsec: NAT broken on IPsec/VTI
Message-ID:  <bug-248474-7501-TTZWedV0Nx@https.bugs.freebsd.org/bugzilla/>
In-Reply-To: <bug-248474-7501@https.bugs.freebsd.org/bugzilla/>
References:  <bug-248474-7501@https.bugs.freebsd.org/bugzilla/>

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=248474

--- Comment #30 from jimp@netgate.com ---
You can have both route-based and policy-based IPsec active at once but you
cannot filter both at once in the expected manner.

It is not limited to NAT rules; it affects both NAT and firewall rules in pf
(and presumably others) which attempt to filter directly on if_ipsec interfaces
while filtering is also active on the enc interface.

-- 
You are receiving this mail because:
You are the assignee for the bug.


