Date: Tue, 16 Oct 2012 09:13:38 +0200 From: Patrick Lamaiziere <patfbsd@davenulle.org> To: Olivier =?ISO-8859-1?Q?Cochard-Labb=E9?= <olivier@cochard.me> Cc: freebsd-pf@freebsd.org Subject: Re: [9.1] PF drop Message-ID: <20121016091338.164a6de0@mr129166> In-Reply-To: <CA%2Bq%2BTcpw-tVGFenyGZaNXfKSNdm3XBOumQ5=UgC5yBXbPgHHnA@mail.gmail.com> References: <20121012214215.735615d3@davenulle.org> <CA%2Bq%2BTcpw-tVGFenyGZaNXfKSNdm3XBOumQ5=UgC5yBXbPgHHnA@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Le Mon, 15 Oct 2012 17:52:03 +0200, Olivier Cochard-Labbé <olivier@cochard.me> a écrit : Hello, > And I've try to ssh from PC_1 to PC_2, and all traffic are drop (no > ICMP generated) too. > > One remark: I'm using pf as module (not compiled in kernel). The box was running a 9.1 prerelease from August 25, I've update to 9.1-RC2. I've checked again and I confirm this icmp unreachable behavior. I've got one other report for this problem on FreeBSD 6.3 and 9.0. To be sure that states are not involved at all I've used a serial console on the firewall (previous tests were made with ssh). So I don't understand why you don't reproduce this. I will make few more tests. The config is 9.1-RC2 / i386, all daemons are stopped (keep sshd). No IPV6. Generic kernel / world and no special tunning. The box is a Soekris Net5501. Thanks for your help. Regards.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20121016091338.164a6de0>