kern/102647: Using pf stateful rules for inet6 fails
for connections originating from the firewall itself to a
service running on thesame box
Frank Steinborn
steinex at nognu.de
Wed Sep 6 13:50:24 UTC 2006
The following reply was made to PR kern/102647; it has been noted by GNATS.
From: Frank Steinborn <steinex at nognu.de>
To: SUZUKI Shinsuke <suz at freebsd.org>
Cc: max at love2party.net, freebsd-pf at freebsd.org,
freebsd-gnats-submit at freebsd.org
Subject: Re: kern/102647: Using pf stateful rules for inet6 fails for connections originating from the firewall itself to a service running on thesame box
Date: Wed, 6 Sep 2006 15:49:22 +0200
SUZUKI Shinsuke wrote:
> Hi,
>
> >>>>> On Fri, 1 Sep 2006 21:22:45 +0200
> >>>>> max at love2party.net(Max Laier) said:
>
> > Thinking about this for a bit we might want to use the patch below
> > instead. i.e. do the fixup locally in the pfil wrapper instead. This
> > way other filters don't break if they have adapted to the new world
> > order.
> >
> > Thoughts? Please test and report back, either way.
>
> I'm fine with your patch. (it is preferable to add a comment about
> this hack, though)
>
> After the PR originator confirmed the fix, could you please commit it?
>
> Thanks,
> ----
> SUZUKI, Shinsuke @ KAME Project
I'm not sure if my first confirmation about the fix came through, so
I'll resend to get sure.
Well, as I said - the patch works fine here, I'm fine with it too.
Would be nice to see in in -STABLE soon.
Many thanks!
Frank
More information about the freebsd-pf
mailing list