Date: Fri, 28 Jul 2023 07:21:25 +0000
From: bugzilla-noreply@freebsd.org
To: bugs@FreeBSD.org
Subject: [Bug 272770] "divert-to" rule creates packet loops on all FreeBSD 11.0 to 14.0 CURRENT versions
Message-ID: <bug-272770-227@https.bugs.freebsd.org/bugzilla/>
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=272770

Bug ID: 272770
Summary: "divert-to" rule creates packet loops on all FreeBSD 11.0 to 14.0 CURRENT versions
Product: Base System
Version: CURRENT
Hardware: Any
OS: Any
Status: New
Severity: Affects Some People
Priority: ---
Component: kern
Assignee: bugs@FreeBSD.org
Reporter: burak.sn@outlook.com

Created attachment 243661
  --> https://bugs.freebsd.org/bugzilla/attachment.cgi?id=243661&action=edit
divert-to test code

Hi,

"divert-to" rule creates packet loops on all FreeBSD 11.0 to 14.0 CURRENT versions; bug 260867 and a forum topic talk about the same problem:

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=260867
https://forums.freebsd.org/threads/pf-divert-to-loop-problem.81508

I have reproduced the scenario on FreeBSD 11.0 to 14.0 CURRENT versions with the PF divert rules given below and my code shown in the attachment.

LAN =igb1
pass in quick on igb1 proto udp from any to port { 53 } divert-to 127.0.0.1 port 3355

# I have found that rule -> (pass out quick on igb1 inet proto udp from any to port 53 flags S/SA keep state divert-reply) from Google, but I got this error:

/etc/pf.conf:83: divert-reply has no meaning in FreeBSD pf(4)
pfctl: Syntax error in config file: pf rules not loaded

FreeBSD 14.0-CURRENT pf.conf(5) man page

     divert-to <host> port <port>
           Used to redirect packets to a local socket bound to host and port.
           The packets will not be modified, so getsockname(2) on the socket
           will return the original destination address of the packet.

     divert-reply
           Used to receive replies for sockets that are bound to addresses
           which are not local to the machine.  See setsockopt(2) for
           information on how to bind these sockets.

There is the same problem with all versions. It seems to me no work has been done to fix pf divert. Because of that I am currently using both IPFW and PF at the same time; I use IPFW for DIVERT, but I am trying to move to FreeBSD 14.0 to work with only PF.

But DIVERT is not working on FreeBSD 14.0-CURRENT pf either, so I couldn't give up IPFW's DIVERT. I have attached a code above the attachment and I have tried all available codes on the internet. I am looking forward to your help.

Thanks.

-- 
You are receiving this mail because:
You are the assignee for the bug.