[Bug 191975] [ng_iface] [regression] in 10.0: cannot contact local services
bugzilla-noreply at freebsd.org
bugzilla-noreply at freebsd.org
Tue Aug 19 00:47:39 UTC 2014
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=191975
--- Comment #3 from dgilbert at eicat.ca ---
I continue to try to eek out what's happening here. I had an idea: Why don't I
create a firewall rule:
rdr on ng1 inet proto tcp from any to 66.96.16.3 port = 2222 -> 66.96.16.3 port
22
and then I can try this. Well...
[2:54:354]root at owl:~> pfctl -vs nat
No ALTQ support in kernel
ALTQ related functions disabled
rdr on ng1 inet proto tcp from any to 66.96.16.3 port = 2222 -> 66.96.16.3 port
22
[ Evaluations: 118329 Packets: 7 Bytes: 356 States: 1
]
[ Inserted: uid 0 pid 43426 State Creations: 1 ]
[2:55:355]root at owl:~> netstat -an | grep 22
tcp4 0 0 66.96.16.3.22 66.96.16.11.53211 ESTABLISHED
tcp4 0 0 *.22 *.* LISTEN
tcp6 0 0 *.22 *.* LISTEN
so... PF sees the SYN packets, but the local TCP stack does not.
Sigh. Help?
--
You are receiving this mail because:
You are the assignee for the bug.
More information about the freebsd-net
mailing list