From owner-freebsd-pf@freebsd.org  Sat May 21 20:44:12 2016
Return-Path: <owner-freebsd-pf@freebsd.org>
Delivered-To: freebsd-pf@mailman.ysv.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org
 [IPv6:2001:1900:2254:206a::19:1])
 by mailman.ysv.freebsd.org (Postfix) with ESMTP id BA423B45E07
 for <freebsd-pf@mailman.ysv.freebsd.org>; Sat, 21 May 2016 20:44:12 +0000 (UTC)
 (envelope-from lists@opsec.eu)
Received: from home.opsec.eu (home.opsec.eu [IPv6:2001:14f8:200::1])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (Client did not present a certificate)
 by mx1.freebsd.org (Postfix) with ESMTPS id 82970106A
 for <freebsd-pf@freebsd.org>; Sat, 21 May 2016 20:44:12 +0000 (UTC)
 (envelope-from lists@opsec.eu)
Received: from pi by home.opsec.eu with local (Exim 4.87 (FreeBSD))
 (envelope-from <lists@opsec.eu>)
 id 1b4Dkt-000Aw6-8O; Sat, 21 May 2016 22:44:15 +0200
Date: Sat, 21 May 2016 22:44:15 +0200
From: Kurt Jaeger <lists@opsec.eu>
To: Max <maximos@als.nnov.ru>
Cc: freebsd-pf@freebsd.org
Subject: Re: Bug 201519
Message-ID: <20160521204415.GA41922@home.opsec.eu>
References: <deb597cf-0c92-3d77-38f6-a03120f7e3ad@als.nnov.ru>
 <20160521195406.GO15034@home.opsec.eu>
 <8412061b-2bd3-0cc0-fc9f-99b81c653aae@als.nnov.ru>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <8412061b-2bd3-0cc0-fc9f-99b81c653aae@als.nnov.ru>
X-BeenThere: freebsd-pf@freebsd.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "Technical discussion and general questions about packet filter
 \(pf\)" <freebsd-pf.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/freebsd-pf>,
 <mailto:freebsd-pf-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-pf/>
List-Post: <mailto:freebsd-pf@freebsd.org>
List-Help: <mailto:freebsd-pf-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/freebsd-pf>,
 <mailto:freebsd-pf-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sat, 21 May 2016 20:44:12 -0000

Hi!

> It`s incomplete. I have tested only the case when inner packet is UDP. 
> Other cases should be tested I think.

Yes.

> Actually the patch was mentioned in Alexey's message 
> (http://openbsd-archive.7691.n7.nabble.com/system-6564-pf-not-nating-does-not-see-icmp4-port-unreachable-packets-from-machine-behind-pf-td187997.html).
> Someone with more experience (then me) should review this patch.

Yes, but it's easier to review a patch as attachment to
the relevant PR than one posted on one of the lists.

If you did the patch for an 10month-old bug, it's a sign
that there aren't that many 'more experienced' people looking
at it 8-) So get over your modesty and add it to the PR 8-}

-- 
pi@opsec.eu            +49 171 3101372                         4 years to go !