Packets passed by pf don't make it out?
Andreas Longwitz
longwitz at incore.de
Mon Oct 12 21:48:18 UTC 2020
Hello,
now I can confirm (on FreeBSD 10 Stable) what you see on fb2 when your
program udp_client is running on fb1. pf creates a state for the first
packet only, for the other packets pf failes to create a state with
messages like
pf: stack key attach failed on re0: UDP in wire: 192.168.14.10:23456
172.16.0.2:12345 stack: 192.168.14.10:23456
192.168.14.100:12345 1:0, existing: UDP in wire: 192.168.14.10:23456
172.16.0.1:12345 stack: 192.168.14.10:23456 192.168.14.100:12345 1:0
pf gives this messages in debug mode (pfctl -x loud).
I do not know if we see a bug in pf or if your program udp_client does
something illegal, I think Kristof can tell us.
Regards Andreas
More information about the freebsd-pf
mailing list