ipv6 ipfilter + keep state bug? (releng_7)
Peter Kieser
peter at wingless.org
Wed Oct 24 21:43:52 PDT 2007
Hello,
I'm having similar issues (intermittent connectivity as if the dynamic
rule table isn't being kept properly) using IP Filter with IPv6 and keep
state rules as I was having with ipfw (see "ipfw2 keep-state + IPv6 on
RELENG_7"), IPv4 keep state rules work as expected. I've verified that
it is not infact a network problem (adding an "allow all" fixes the
problem again).
My rules are as follows, CVSup from today (Wed Oct 24 10:54:23 PDT), em0
is my external interface:
pass in quick on lo0 all
pass out quick on lo0 all
pass out quick on em0 keep state
pass in quick on em0 proto tcp from any to any port = 22
Has anyone reproduced this problem, or am I doing something totally
wrong? I'm willing to help debug the issue..
Cheers,
-Peter
More information about the freebsd-current
mailing list