[Bug 207598] pf adds icmp unreach on gre/ipsec somehow
bugzilla-noreply at freebsd.org
bugzilla-noreply at freebsd.org
Sat May 28 11:17:15 UTC 2016
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=207598
--- Comment #20 from Kristof Provost <kp at freebsd.org> ---
Created attachment 170747
--> https://bugs.freebsd.org/bugzilla/attachment.cgi?id=170747&action=edit
pf_frag_pass patch
(In reply to Max from comment #19)
You may be on to something there.
pf_reassemble() actually returns PF_PASS, but it's turned back into PF_DROP
later on.
It actually looks like this'd be a problem for IPv6 too.
Can you give the attached patch a try? I'm not completely happy with it, but it
should fix the problem.
--
You are receiving this mail because:
You are the assignee for the bug.
More information about the freebsd-pf
mailing list