Date: Fri, 29 Nov 2013 14:28:27 +0200 From: "Ian FREISLICH" <ianf@clue.co.za> To: freebsd-pf@freebsd.org Subject: icmp-type echoreq not matching resulting ttl exceeded Message-ID: <E1VmNBM-00019a-4U@clue.co.za>
next in thread | raw e-mail | index | archive | help
Hi At some point this stopped working. I was able to use traceroute -I This rule let the echo request out and the resulting TTL exceeded was matched and allowed back in. pass out inet proto icmp from <ournets> to any icmp-type echoreq I've had to change the rule to the following to keep traceroute going: pass out inet proto icmp from <ournets> to any Ian -- Ian Freislich
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?E1VmNBM-00019a-4U>