pf dropping packets despite pass all rule
Tilman Linneweh
arved at arved.at
Thu Jul 31 16:10:02 UTC 2008
Hi list,
My setup:
LAN -> Router with PF <- gif tunnel with IPSEC -> Server
The router is running FreeBSD 7.0. Protocol is IPv6. ping6 works,
but TCPv6 from LAN to Server does not work, unless i disable PF.
Excerpt from pf.conf:
pass in quick on gif0 all keep state
pass out quick on gif0 all keep state
pflog0 contains some strange packets:
http://arved.priv.at/~arved/strangepackets.pcap
IPSEC_FILTERTUNNEL does not make a difference.
I don't understand why pf is dropping something on gif0. And i can't decode
what kind of packets these are, and why they are necessary for TCPv6.
Any ideas?
regards
arved
More information about the freebsd-pf
mailing list