[Bug 207598] pf adds icmp unreach on gre/ipsec somehow

bugzilla-noreply at freebsd.org bugzilla-noreply at freebsd.org
Wed May 25 11:40:16 UTC 2016 

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=207598

--- Comment #14 from Max <maximos at als.nnov.ru> ---
scrub on gre1

14:35:43.641169 rule 0..16777216/0(match): pass in on em0: 192.168.10.1 >
192.168.10.254: GREv0, proto IPv4 (0x0800), length 1480: 10.10.1.1 > 10.10.3.1:
ICMP echo request, id 44806, seq 0, length 1456
14:35:43.641178 rule 0..16777216/0(match): pass in on gre0: 10.10.1.1 >
10.10.3.1: ICMP echo request, id 44806, seq 0, length 1456
14:35:43.641194 rule 0..16777216/0(match): pass out on gre0: 10.10.2.1 >
10.10.1.1: ICMP host 10.10.3.1 unreachable, length 36
14:35:43.641200 rule 0..16777216/0(match): pass out on em0: 192.168.10.254 >
192.168.10.1: GREv0, proto IPv4 (0x0800), length 60: 10.10.2.1 > 10.10.1.1:
ICMP host 10.10.3.1 unreachable, length 36
14:35:43.641218 rule 0..16777216/0(match): pass in on em0: 192.168.10.1 >
192.168.10.254: GREv0, proto IPv4 (0x0800), length 26: 10.10.1.1 > 10.10.3.1:
ip-proto-1
14:35:43.641223 rule 0..16777216/0(match): pass in on gre0: 10.10.1.1 >
10.10.3.1: ip-proto-1
14:35:43.641230 rule 0..16777216/0(match): pass out on gre1: 10.10.1.1 >
10.10.3.1: ICMP echo request, id 44806, seq 0, length 1458
14:35:43.641237 rule 0..16777216/0(match): pass out on em2: 192.168.30.254 >
192.168.30.1: GREv0, proto IPv4 (0x0800), length 1482: 10.10.1.1 > 10.10.3.1:
ICMP echo request, id 44806, seq 0, length 1458
14:35:43.641421 rule 0..16777216/0(match): pass in on em2: 192.168.30.1 >
192.168.30.254: GREv0, proto IPv4 (0x0800), length 1480: 10.10.3.1 > 10.10.1.1:
ICMP echo reply, id 44806, seq 0, length 1456
14:35:43.641428 rule 0..16777216/0(match): pass in on em2: 192.168.30.1 >
192.168.30.254: GREv0, proto IPv4 (0x0800), length 26: 10.10.3.1 > 10.10.1.1:
ip-proto-1
14:35:43.641434 rule 0..16777216/0(match): pass in on gre1: 10.10.3.1 >
10.10.1.1: ICMP echo reply, id 44806, seq 0, length 1458
14:35:43.641439 rule 0..16777216/0(match): pass out on gre0: 10.10.3.1 >
10.10.1.1: ICMP echo reply, id 44806, seq 0, length 1458
14:35:43.641479 rule 0..16777216/0(match): pass out on em0: 192.168.10.254 >
192.168.10.1: GREv0, proto IPv4 (0x0800), length 1480: 10.10.3.1 > 10.10.1.1:
ICMP echo reply, id 44806, seq 0, length 1456
14:35:43.641497 rule 0..16777216/0(match): pass out on em0: 192.168.10.254 >
192.168.10.1: GREv0, proto IPv4 (0x0800), length 26: 10.10.3.1 > 10.10.1.1:
ip-proto-1

-- 
You are receiving this mail because:
You are the assignee for the bug.

More information about the freebsd-pf mailing list