Date: Sun, 21 Aug 2016 00:14:34 +0000 From: bugzilla-noreply@freebsd.org To: freebsd-bugs@FreeBSD.org Subject: [Bug 212013] 11.0-RC1: vimage jail with pf not working Message-ID: <bug-212013-8-pzXL8Yypsa@https.bugs.freebsd.org/bugzilla/> In-Reply-To: <bug-212013-8@https.bugs.freebsd.org/bugzilla/> References: <bug-212013-8@https.bugs.freebsd.org/bugzilla/>
index | next in thread | previous in thread | raw e-mail
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=212013 Bjoern A. Zeeb <bz@FreeBSD.org> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |bz@FreeBSD.org --- Comment #1 from Bjoern A. Zeeb <bz@FreeBSD.org> --- Just in reply to #3 as you say yourself in your description, it's outgoing packets, but your rule inside the jail specifies "in": 0 block drop in quick on epair23b inet proto tcp from any to any port = nicname Can you change that to "out" and see if it starts working? Currently on your "in" directions whois packets would originate from src port 43 and thus don't match the dest port 43. -- You are receiving this mail because: You are the assignee for the bug.help
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-212013-8-pzXL8Yypsa>