Date: Mon, 22 Apr 2019 21:20:21 +0000 From: bugzilla-noreply@freebsd.org To: bugs@FreeBSD.org Subject: [Bug 237477] kernel option PF_DEFAULT_TO_DROP breaks rdr rules with pass keyword. Message-ID: <bug-237477-227@https.bugs.freebsd.org/bugzilla/>
next in thread | raw e-mail | index | archive | help
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D237477 Bug ID: 237477 Summary: kernel option PF_DEFAULT_TO_DROP breaks rdr rules with pass keyword. Product: Base System Version: 12.0-RELEASE Hardware: amd64 OS: Any Status: New Severity: Affects Some People Priority: --- Component: kern Assignee: bugs@FreeBSD.org Reporter: mickey242@gmx.net Using a custom kernel built with options PF_DEFAULT_TO_DROP seems to prevent rdr rules that have an explicit pass keyword specified from functioning as intended. i.e. rdr pass log on $int_if inet proto tcp to port 4242 -> 127.0.0.1 port 4242 This rule should redirect and pass tcp traffic arriving on the internal interface and destined for port 4242 to 127.0.0.1 port 4242. The log shows = that the rule is matched and applied, but the traffic never makes it to it's intended destination. Using a kernel built without the option PF_DEFAULT_TO_DROP the rule works as intended and passes the traffic throug= h. --=20 You are receiving this mail because: You are the assignee for the bug.=
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-237477-227>