Date: Thu, 16 Mar 2006 15:39:23 +0300 From: "Yuriy N. Shkandybin" <jura@networks.ru> To: <freebsd-pf@freebsd.org> Cc: freebsd-stable@freebsd.org Subject: pf: synproxy broken Message-ID: <000e01c648f6$a92bc310$0701010a@notebook>
next in thread | raw e-mail | index | archive | help
Hello from ealier 6.0 there is problem with synproxy in pf filter: this one 6.1-PRERELEASE #2: Wed Mar 15 02:02:37 MSK 2006 pf.conf just with single rule pass in quick on lo0 proto tcp from any to any port 22 flags S/SA = synproxy state result telnet 127.0.0.1 22 Trying 127.0.0.1... Connected to 127.0.0.1. Escape character is '^]'. and it's hangs pfctl -s rules -v No ALTQ support in kernel ALTQ related functions disabled pass in quick on lo0 proto tcp from any to any port =3D ssh flags S/SA = synproxy state [ Evaluations: 966392 Packets: 0 Bytes: 0 States: = 1 ] pfctl -s state No ALTQ support in kernel ALTQ related functions disabled self tcp 127.0.0.1:22 <- 127.0.0.1:44819 PROXY:DST without synproxy all is ok =20 There is PR 86072 about that with unclear results. Jura
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?000e01c648f6$a92bc310$0701010a>