kern/129060: [pf] [tun] pf doesn't forget the old tun IP
Daniel O'Connor
darius at dons.net.au
Sat Nov 22 16:25:39 PST 2008
On Sunday 23 November 2008 08:42:48 Chris Buechler wrote:
> On Fri, Nov 21, 2008 at 9:25 PM, <linimon at freebsd.org> wrote:
> > Old Synopsis: pf doesn't forget the old tun IP
> > New Synopsis: [pf] [tun] pf doesn't forget the old tun IP
>
> This sounds like the expected behavior, not a bug. You have to kill
> your states when your WAN IP changes or else traffic will continue to
> be translated via the existing state.
I have tried to use -k $oldip but it doesn't fix the problem :(
Also, I don't think it is sensible behaviour - if my IP changes any
connections are going to die because the other ends of the link will be
sending traffic to the old IP.
--
Daniel O'Connor software and network engineer
for Genesis Software - http://www.gsoft.com.au
"The nice thing about standards is that there
are so many of them to choose from."
-- Andrew Tanenbaum
GPG Fingerprint - 5596 B766 97C0 0E94 4347 295E E593 DC20 7B3F CE8C
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part.
Url : http://lists.freebsd.org/pipermail/freebsd-pf/attachments/20081123/1f9831f0/attachment.pgp
More information about the freebsd-pf
mailing list