Skip site navigation (1)Skip section navigation (2) 
Date:      Fri, 20 Oct 2017 04:48:29 +0000
From:      Robin Geuze <robing@transip.nl>
To:        Dave Horsfall <dave@horsfall.org>
Cc:        FreeBSD PF List <freebsd-pf@freebsd.org>
Subject:   Re: Had to allow localhost->localhost on FB 10.4
Message-ID:  <fdb36c8a-f6f6-4b67-b302-0c62408f532d@email.android.com>
next in thread | raw e-mail | index | archive | help 

Have you done "set skip on lo0" in your pf.conf? That should make it ignore that interface altogether.

On Oct 20, 2017 00:50, Dave Horsfall <dave@horsfall.org> wrote:
Just upgraded to FreeBSD 10.4 (and NTP stopped working, but that's a
separate issue), and found that my pf log was flooded with things like:

     00:03:25.172691 IP localhost.56537 > localhost.domain: 33908+[|domain]
     00:03:30.650949 IP localhost.51150 > localhost.domain: 13457+[|domain]
     00:03:35.669987 IP localhost.47363 > localhost.domain: 7594+[|domain]
     00:03:54.528312 IP localhost.18250 > localhost.domain: 96+[|domain]
     00:03:59.830324 IP localhost.15552 > localhost.domain: 45957+[|domain]
     00:04:04.845808 IP localhost.47042 > localhost.domain: 24817+[|domain]
     00:04:10.689009 IP localhost.30385 > localhost.domain: 28807+[|domain]
     00:04:12.398079 IP localhost.37872 > localhost.domain: 56445+[|domain]
     00:04:16.474337 IP localhost.48196 > localhost.domain: 9865+[|domain]
     00:04:17.943754 IP localhost.10177 > localhost.domain: 38494+[|domain]
     00:04:22.132642 IP localhost.23265 > localhost.biff: UDP, length 15

I was forced to add the following entry in pf.conf until I could investigate
this further:

     # Stuffed if I know why localhost/UDP is now blocked by default...
     pass in quick from localhost to localhost

Anyone else noticed this?

--
Dave Horsfall DTM (VK2KFU)  "Those who don't understand security will suffer."
_______________________________________________
freebsd-pf@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-pf
To unsubscribe, send any mail to "freebsd-pf-unsubscribe@freebsd.org"

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?fdb36c8a-f6f6-4b67-b302-0c62408f532d>