Date: Wed, 25 May 2016 12:03:24 +0000 From: bugzilla-noreply@freebsd.org To: freebsd-pf@FreeBSD.org Subject: [Bug 207598] pf adds icmp unreach on gre/ipsec somehow Message-ID: <bug-207598-17777-nCk4RQaNLj@https.bugs.freebsd.org/bugzilla/> In-Reply-To: <bug-207598-17777@https.bugs.freebsd.org/bugzilla/> References: <bug-207598-17777@https.bugs.freebsd.org/bugzilla/>
next in thread | previous in thread | raw e-mail | index | archive | help
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D207598 --- Comment #18 from Max <maximos@als.nnov.ru> --- no scrub on gre1 proto icmp scrub on gre1 There is no "host unreachable". 14:58:34.741461 rule 0..16777216/0(match): pass in on em0: 192.168.10.1 > 192.168.10.254: GREv0, proto IPv4 (0x0800), length 1480: 10.10.1.1 > 10.10.= 3.1: ICMP echo request, id 59142, seq 0, length 1456 14:58:34.741471 rule 0..16777216/0(match): pass in on gre0: 10.10.1.1 > 10.10.3.1: ICMP echo request, id 59142, seq 0, length 1456 14:58:34.741479 rule 0..16777216/0(match): pass out on gre1: 10.10.1.1 > 10.10.3.1: ICMP echo request, id 59142, seq 0, length 1456 14:58:34.741486 rule 0..16777216/0(match): pass out on em2: 192.168.30.254 > 192.168.30.1: GREv0, proto IPv4 (0x0800), length 1480: 10.10.1.1 > 10.10.3.= 1: ICMP echo request, id 59142, seq 0, length 1456 14:58:34.741542 rule 0..16777216/0(match): pass in on em0: 192.168.10.1 > 192.168.10.254: GREv0, proto IPv4 (0x0800), length 26: 10.10.1.1 > 10.10.3.= 1: ip-proto-1 14:58:34.741571 rule 0..16777216/0(match): pass in on gre0: 10.10.1.1 > 10.10.3.1: ip-proto-1 14:58:34.741576 rule 0..16777216/0(match): pass out on gre1: 10.10.1.1 > 10.10.3.1: ip-proto-1 14:58:34.741580 rule 0..16777216/0(match): pass out on em2: 192.168.30.254 > 192.168.30.1: GREv0, proto IPv4 (0x0800), length 26: 10.10.1.1 > 10.10.3.1: ip-proto-1 14:58:34.741648 rule 0..16777216/0(match): pass in on em2: 192.168.30.1 > 192.168.30.254: GREv0, proto IPv4 (0x0800), length 1480: 10.10.3.1 > 10.10.= 1.1: ICMP echo reply, id 59142, seq 0, length 1456 14:58:34.741654 rule 0..16777216/0(match): pass in on gre1: 10.10.3.1 > 10.10.1.1: ICMP echo reply, id 59142, seq 0, length 1456 14:58:34.741659 rule 0..16777216/0(match): pass out on gre0: 10.10.3.1 > 10.10.1.1: ICMP echo reply, id 59142, seq 0, length 1456 14:58:34.741665 rule 0..16777216/0(match): pass out on em0: 192.168.10.254 > 192.168.10.1: GREv0, proto IPv4 (0x0800), length 1480: 10.10.3.1 > 10.10.1.= 1: ICMP echo reply, id 59142, seq 0, length 1456 14:58:34.741682 rule 0..16777216/0(match): pass in on em2: 192.168.30.1 > 192.168.30.254: GREv0, proto IPv4 (0x0800), length 26: 10.10.3.1 > 10.10.1.= 1: ip-proto-1 14:58:34.741686 rule 0..16777216/0(match): pass in on gre1: 10.10.3.1 > 10.10.1.1: ip-proto-1 14:58:34.741691 rule 0..16777216/0(match): pass out on gre0: 10.10.3.1 > 10.10.1.1: ip-proto-1 14:58:34.741696 rule 0..16777216/0(match): pass out on em0: 192.168.10.254 > 192.168.10.1: GREv0, proto IPv4 (0x0800), length 26: 10.10.3.1 > 10.10.1.1: ip-proto-1 --=20 You are receiving this mail because: You are the assignee for the bug.=
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-207598-17777-nCk4RQaNLj>