Date: Mon, 22 Apr 2019 21:20:21 +0000
From: bugzilla-noreply@freebsd.org
To: bugs@FreeBSD.org
Subject: [Bug 237477] kernel option PF_DEFAULT_TO_DROP breaks rdr rules with pass keyword.
Message-ID: <bug-237477-227@https.bugs.freebsd.org/bugzilla/>

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=237477

            Bug ID: 237477
           Summary: kernel option PF_DEFAULT_TO_DROP breaks rdr rules with
                    pass keyword.
           Product: Base System
           Version: 12.0-RELEASE
          Hardware: amd64
                OS: Any
            Status: New
          Severity: Affects Some People
          Priority: ---
         Component: kern
          Assignee: bugs@FreeBSD.org
          Reporter: mickey242@gmx.net

Using a custom kernel built with

    options PF_DEFAULT_TO_DROP

seems to prevent rdr rules that have an explicit pass keyword specified from
functioning as intended.

i.e.

    rdr pass log on $int_if inet proto tcp to port 4242 -> 127.0.0.1 port 4242

This rule should redirect and pass tcp traffic arriving on the internal
interface and destined for port 4242 to 127.0.0.1 port 4242.

The log shows that the rule is matched and applied, but the traffic never makes
it to its intended destination.

Using a kernel built without the option PF_DEFAULT_TO_DROP, the rule works as
intended and passes the traffic through.

--
You are receiving this mail because:
You are the assignee for the bug.
