[Bug 288577] pf: pass out ... rdr-to changes source address instead of destination address

Go to: [ bottom of page ] [ top of archives ] [ this month ]

From: <bugzilla-noreply_at_freebsd.org>
Date: Mon, 04 Aug 2025 11:07:48 UTC

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=288577

Kajetan Staszkiewicz <vegeta@tuxpowered.net> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |vegeta@tuxpowered.net

--- Comment #2 from Kajetan Staszkiewicz <vegeta@tuxpowered.net> ---
(In reply to Lexi Winter from comment #0)

> pass out quick on $inet_if from <lf> to 64:ff9b::/96 rdr-to 2001:8b0:6464:0:66::/96

You're applying destination change *after* routing. This does not make much
sense to me. rdr-to should be applied on inbound direction, so that packet can
be routed towards the new address.

(In reply to Dobri Dobrev from comment #1)
> Maybe you need something like
> rdr on $inet_if from <lf> to 64:ff9b::/96 -> 2001:8b0:6464:0:66::/96

This is the old FreeBSD syntax, FreeBSD 15 will support the new OpenBSD syntax,
so rdr-to is the preferred way on 15.

-- 
You are receiving this mail because:
You are the assignee for the bug.