Date: Tue, 17 Apr 2012 16:32:31 +0000 From: "Bjoern A. Zeeb" <bzeeb-lists@lists.zabbadoz.net> To: Gleb Smirnoff <glebius@freebsd.org> Cc: Ermal Lu?i <eri@FreeBSD.org>, freebsd-pf@FreeBSD.org Subject: Re: kern/164402: [pf] pf crashes with a particular set of rules when first matching packet arrives Message-ID: <5CA2DD90-145C-44F2-AD66-2DBCE8989C2A@lists.zabbadoz.net> In-Reply-To: <20120417094825.GC99119@glebius.int.ru> References: <201204151200.q3FC0LT5085161@freefall.freebsd.org> <20120416185949.GC92286@FreeBSD.org> <CAPBZQG2Tjg36GNCBetRZ20FhQnL1sK9i_-oQDDb97bcb4N=sLA@mail.gmail.com> <20120417081406.GA93887@glebius.int.ru> <CAPBZQG2gF8GSx6eE4jkFuOf29c-jB09Gz6=%2BkbpXprN8XiEE4w@mail.gmail.com> <20120417084608.GA99119@glebius.int.ru> <CAPBZQG0ujzB%2B7xTFpvhjRVbrtBEeABXHeKDx-WjbSOaAWX0-sA@mail.gmail.com> <20120417094825.GC99119@glebius.int.ru>
next in thread | previous in thread | raw e-mail | index | archive | help
On 17. Apr 2012, at 09:48 , Gleb Smirnoff wrote: > Replying on only on paragrapg, everything else agreed. >=20 > On Tue, Apr 17, 2012 at 11:33:27AM +0200, Ermal Lu?i wrote: > E> The only problem i might see is when running more than one firewall > E> together but still there are other issues when you do that at = pfil(9) > E> level. >=20 > Well, playing with two firewalls was never safe and clear, there = always > be edge cases in such setups. A lot of people have used ipfw to filter L2 MAC addresses etc and pf for = everything else in the past. So certainly is not an edge case. --=20 Bjoern A. Zeeb You have to have visions! It does not matter how good you are. It matters what good you do!
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?5CA2DD90-145C-44F2-AD66-2DBCE8989C2A>