[Bug 268717] [pf] [ipnat] rdr rules don't work for traffic originating at localhost
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Tue, 20 Jun 2023 14:36:08 UTC
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=268717
--- Comment #34 from commit-hook@FreeBSD.org ---
A commit in branch main references this bug:
URL:
https://cgit.FreeBSD.org/src/commit/?id=3a1f834b5228986a7c14fd60da13cf2700e80996
commit 3a1f834b5228986a7c14fd60da13cf2700e80996
Author: Doug Rabson <dfr@FreeBSD.org>
AuthorDate: 2023-06-20 13:01:58 +0000
Commit: Doug Rabson <dfr@FreeBSD.org>
CommitDate: 2023-06-20 14:34:01 +0000
pf: Add code to enable filtering for locally delivered packets
This is disabled by default since it potentially changes the behavior of
existing filter rule sets. To enable this extra filter for packets being
delivered locally, use:
sysctl net.pf.filter_local=1
service pf restart
PR: 268717
Reviewed-by: kp
MFC-after: 2 weeks
Differential Revision: https://reviews.freebsd.org/D40373
UPDATING | 12 ++++++++++++
sys/netpfil/pf/pf_ioctl.c | 20 ++++++++++++++++++++
tests/sys/netpfil/common/utils.subr | 3 +--
tests/sys/netpfil/pf/fragmentation_compat.sh | 3 ++-
tests/sys/netpfil/pf/fragmentation_pass.sh | 3 ++-
tests/sys/netpfil/pf/killstate.sh | 24 ++++++++++++++++--------
tests/sys/netpfil/pf/map_e.sh | 3 ++-
tests/sys/netpfil/pf/pass_block.sh | 3 ++-
tests/sys/netpfil/pf/pfsync.sh | 1 +
tests/sys/netpfil/pf/route_to.sh | 3 ++-
tests/sys/netpfil/pf/set_skip.sh | 2 +-
tests/sys/netpfil/pf/table.sh | 6 ++++--
12 files changed, 65 insertions(+), 18 deletions(-)
--
You are receiving this mail because:
You are the assignee for the bug.