Date:      Mon, 06 Jun 2022 14:29:13 +0000
From:      bugzilla-noreply@freebsd.org
To:        net@FreeBSD.org
Subject:   [Bug 264193] pf: scrub max-mss rule stops working (but still counts) after 13.1-RELEASE upgrade
Message-ID:  <bug-264193-7501-2JzBAbOdnW@https.bugs.freebsd.org/bugzilla/>
In-Reply-To: <bug-264193-7501@https.bugs.freebsd.org/bugzilla/>
References:  <bug-264193-7501@https.bugs.freebsd.org/bugzilla/>

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=264193

--- Comment #7 from Kristof Provost <kp@freebsd.org> ---
(In reply to oleg from comment #6)
Packets can pass through pf multiple times. When forwarding they pass through
coming into the network and again on the way out (post-routing), for example.

In this case what I'm saying is that the original SYN packet that starts the
connection (and carries the MSS option) passes through pf once, does not hit
the scrub rule, because it's going to go out epair0b, is then processed by the
'pass route-to' rule, which it matches and causes it to be sent out through
epair1b. It does not pass through pf a second time, so it does not hit the
scrub rule and does not get its MSS adjusted.

-- 
You are receiving this mail because:
You are on the CC list for the bug.


