kern/144311: massive ICMP storm on lo0 occurs when using pf(4)
'reply-to'
Yoshiaki Kasahara
kasahara at nc.kyushu-u.ac.jp
Fri Feb 26 08:40:03 UTC 2010
The following reply was made to PR kern/144311; it has been noted by GNATS.
From: Yoshiaki Kasahara <kasahara at nc.kyushu-u.ac.jp>
To: bug-followup at FreeBSD.org
Cc:
Subject: Re: kern/144311: massive ICMP storm on lo0 occurs when using pf(4)
'reply-to'
Date: Fri, 26 Feb 2010 17:33:42 +0900 (JST)
I changed the rule to use 'route-to' instead of 'reply-to' and the
ICMP storm stopped.
----------
if_isp1="em0"
isp1_router="GW1.GW1.GW1.GW1"
if_isp2="em1"
isp2_router="GW2.GW2.GW2.GW2"
pass in all no state
pass out all
pass out route-to ( $if_isp1 $isp1_router ) from $if_isp1
pass out route-to ( $if_isp2 $isp2_router ) from $if_isp2
----------
I'm not sure about the implementation difference of 'reply-to' and
'route-to'.
More information about the freebsd-bugs
mailing list