amd64/153307: Bug with PF firewall

Manuel G Ochoa mochoa at
Mon Dec 20 13:50:11 UTC 2010

>Number:         153307
>Category:       amd64
>Synopsis:       Bug with PF firewall
>Confidential:   no
>Severity:       critical
>Priority:       high
>Responsible:    freebsd-amd64
>State:          open
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Mon Dec 20 13:50:10 UTC 2010
>Originator:     Manuel G Ochoa
>Release:        FreeBSD 8.1
Agency Matrix LLC
FreeBSD 8.1-RELEASE FreeBSD 8.1-RELEASE #0: Mon Jul 19 02:36:49 UTC 2010     root at  amd64
PF firewall does not work as expected after a reboot.
Configure /etc/pf.conf as follows:
  table <trusted> persist file "/etc/trusted"
  scrub in
  pass  in quick from <trusted>
  block in on $ext

Configure /etc/trusted as follows:

Reboot server

Any IP address will pass through the firewall.

pfctl -t trusted -T show

Table does not exist.

Run this command:
pfctl -f /etc/pf.conf

This command will reload the pf config file and load the table into the rule set.

pfctl -t trusted -T show


Now, only this IP address is allowed through the firewall. All other addresses are blocked.
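
A post-boot check for the condition reported above, as an added example that is not part of the original report: it compares the entries pf has loaded in the `trusted` table with the contents of /etc/trusted and reports a missing or incomplete table. The function names, the `--live` switch and the sample addresses are assumptions made for illustration, and the comparison is textual, so it assumes /etc/trusted lists addresses in the same form that `pfctl -t trusted -T show` prints them.

```sh
#!/bin/sh
# Added example, not from the report: detect a missing or incomplete <trusted>
# table by comparing what pf has loaded with the contents of /etc/trusted.

# Strip comments, surrounding whitespace and blank lines; sort for comparison.
normalize() {
    sed -e 's/#.*//' -e 's/^[[:space:]]*//' -e 's/[[:space:]]*$//' -e '/^$/d' | sort -u
}

# table_state FILE_TEXT LOADED_TEXT -> prints ok | missing | mismatch
table_state() {
    want=$(printf '%s\n' "$1" | normalize)
    have=$(printf '%s\n' "$2" | normalize)
    if [ -z "$have" ]; then
        echo missing        # table absent or empty: the state seen after reboot
    elif [ "$want" = "$have" ]; then
        echo ok
    else
        echo mismatch       # loaded, but not the same entries as the file
    fi
}

# Constructed sample data (documentation addresses, not from the report).
SAMPLE_FILE='# trusted hosts
192.0.2.10
198.51.100.0/24'
SAMPLE_LOADED='   192.0.2.10
   198.51.100.0/24'

if [ "${1:-}" = "--live" ]; then
    # Live check on the firewall host; needs root for pfctl.
    loaded=$(pfctl -t trusted -T show 2>/dev/null) || loaded=""
    state=$(table_state "$(cat /etc/trusted)" "$loaded")
    echo "pf table <trusted>: $state"
    [ "$state" = "ok" ] || exit 1
else
    echo "after reboot (empty table): $(table_state "$SAMPLE_FILE" "")"
    echo "after pfctl -f /etc/pf.conf: $(table_state "$SAMPLE_FILE" "$SAMPLE_LOADED")"
fi
```

Run with `--live` on the firewall host after boot; a non-zero exit status means the loaded table does not match the file and the ruleset should be reloaded and inspected.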

