From: Max
To: freebsd-pf@freebsd.org
Subject: Re: Had to allow localhost->localhost on FB 10.4
Date: Fri, 20 Oct 2017 07:14:40 +0300
Message-ID: <5046b895-a40b-c092-b74f-adc0b0e54b7a@als.nnov.ru>

set skip on lo
(or set skip on lo0)

On 20.10.2017 1:15, Dave Horsfall wrote:
> Just upgraded to FreeBSD 10.4 (and NTP stopped working, but that's a
> separate issue), and found that my pf log was flooded with things like:
>
>     00:03:25.172691 IP localhost.56537 > localhost.domain: 33908+[|domain]
>     00:03:30.650949 IP localhost.51150 > localhost.domain: 13457+[|domain]
>     00:03:35.669987 IP localhost.47363 > localhost.domain: 7594+[|domain]
>     00:03:54.528312 IP localhost.18250 > localhost.domain: 96+[|domain]
>     00:03:59.830324 IP localhost.15552 > localhost.domain: 45957+[|domain]
>     00:04:04.845808 IP localhost.47042 > localhost.domain: 24817+[|domain]
>     00:04:10.689009 IP localhost.30385 > localhost.domain: 28807+[|domain]
>     00:04:12.398079 IP localhost.37872 > localhost.domain: 56445+[|domain]
>     00:04:16.474337 IP localhost.48196 > localhost.domain: 9865+[|domain]
>     00:04:17.943754 IP localhost.10177 > localhost.domain: 38494+[|domain]
>     00:04:22.132642 IP localhost.23265 > localhost.biff: UDP, length 15
>
> I was forced to add the following entry in pf.conf until I could
> investigate this further:
>
>     # Stuffed if I know why localhost/UDP is now blocked by default...
>     pass in quick from localhost to localhost
>
> Anyone else noticed this?
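
Added example, not part of either message: a constructed pf.conf fragment showing where the suggested `set skip` option sits relative to the filter rules, next to an interface-bound alternative to the address-only workaround rule. The `block log all` default policy and the placement of site rules are assumptions; neither poster showed their ruleset.

```conf
# --- options (must precede filter rules in pf.conf) ---

# The reply's suggestion: exempt the loopback interface from pf entirely.
# "lo" names the loopback interface group; "lo0" names the single interface.
set skip on lo0

# --- filter rules ---

# Assumed default-deny policy with logging; a rule like this is what would
# put dropped localhost -> localhost DNS queries into the pf log.
block log all

# ... site-specific pass rules go here ...

# The workaround from the quoted message matches on addresses only and is
# not tied to any interface:
#   pass in quick from localhost to localhost
#
# If loopback traffic should still be filtered and logged by pf (so no
# "set skip"), bind the pass rule to the interface instead:
#   pass quick on lo0 all
```

A candidate ruleset can be syntax-checked without loading it using `pfctl -nf /etc/pf.conf`.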