Date: Fri, 20 Jul 2018 20:51:52 +0000 From: bugzilla-noreply@freebsd.org To: pf@FreeBSD.org Subject: [Bug 196314] pf nested inline anchors does not work Message-ID: <bug-196314-16861-vPWPaH0s4K@https.bugs.freebsd.org/bugzilla/> In-Reply-To: <bug-196314-16861@https.bugs.freebsd.org/bugzilla/> References: <bug-196314-16861@https.bugs.freebsd.org/bugzilla/>
next in thread | previous in thread | raw e-mail | index | archive | help
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=196314 mickey242@gmx.net changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |mickey242@gmx.net --- Comment #7 from mickey242@gmx.net --- I am on releng 11.2 and am experiencing the same problem. Filter rules contained within nested inline anchors are ineffective. The following pf.conf that is similar in structure to the example shown in pf.conf(5) section ANCHORS should allow ports time and daytime to be accessible, but only time port can be reached: anchor "an1" { pass in quick proto tcp to port time anchor "an2" { pass in quick proto tcp to port daytime } } It works as expected as soon as you turn the inner anchor into a regular (non-inline) anchor and load it's contents either using pfctl or via load anchor "an2" from "file" I also tested whether it makes any difference when the outer anchor is a regular anchor, but it doesn't. Result is the same. The only place where rules contained within an inline anchor work as expected is when the inline anchor is directly attached to the main ruleset. -- You are receiving this mail because: You are the assignee for the bug.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-196314-16861-vPWPaH0s4K>