Date: Mon, 29 Sep 2025 16:12:54 +0000 From: bugzilla-noreply@freebsd.org To: bugs@FreeBSD.org Subject: [Bug 289905] pf: Behavior change when using interface addresses Message-ID: <bug-289905-227@https.bugs.freebsd.org/bugzilla/>
index | next in thread | raw e-mail
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=289905 Bug ID: 289905 Summary: pf: Behavior change when using interface addresses Product: Base System Version: 14.3-RELEASE Hardware: Any OS: Any Status: New Severity: Affects Some People Priority: --- Component: kern Assignee: bugs@FreeBSD.org Reporter: grembo@FreeBSD.org Up until including 13.4-RELEASE, this line worked as expected (IPv4 NAT): rdr on $ext_if proto tcp to $ext_if:0 port 443 -> 10.20.32.86 Starting with 13.5-RELEASE (and likewise on 14.3-RELEASE) the same line gives this error: /etc/pf.conf:25: no translation address with matching address family found. Probably due to $ext_if also having an IPv6 address assigned. So one is up for a nice surprise after updating the machine - pf is somehow running, but not really (NAT rules weren't working properly at the very least). Adding "inet" explicitly fixes the issue: rdr on $ext_if inet proto tcp to $ext_if:0 port 443 -> 10.20.32.86 If this change is intentional, it would be good if it was mentioned in the release notes. Ideally, it would be fixed so it just works as expected. -- You are receiving this mail because: You are the assignee for the bug.home | help
Want to link to this message? Use this
URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-289905-227>