pf blocking nfs
J65nko BSD
j65nko at gmail.com
Thu Dec 1 01:40:55 GMT 2005
[snip]
> In your original post, there was something about a short packet. I'm
> guessing this might screw things up. You might try adding 'scrub in all'
> before the filtering rules.
>
[smip]
Be careful with scrub and NFS. From http://openbsd.bay13.net/faq/pf/scrub.html
"One reason not to scrub on an interface is if one is passing NFS
through PF. Some non-OpenBSD platforms send (and expect) strange
packets -- fragmented packets with the "do not fragment" bit set,
which are (properly) rejected by scrub."
More information about the freebsd-questions
mailing list