ipv6 ipfilter + keep state bug? (releng_7)

From: Peter Kieser <peter_at_wingless.org>
Date: Wed, 24 Oct 2007 21:43:04 -0700
Hello,

I'm having similar issues (intermittent connectivity as if the dynamic 
rule table isn't being kept properly) using IP Filter with IPv6 and keep 
state rules as I was having with ipfw (see "ipfw2 keep-state + IPv6 on 
RELENG_7"), IPv4 keep state rules work as expected. I've verified that 
it is not infact a network problem (adding an "allow all" fixes the 
problem again).

My rules are as follows, CVSup from today (Wed Oct 24 10:54:23 PDT), em0 
is my external interface:

pass in quick on lo0 all
pass out quick on lo0 all
pass out quick on em0 keep state
pass in quick on em0 proto tcp from any to any port = 22

Has anyone reproduced this problem, or am I doing something totally 
wrong? I'm willing to help debug the issue..

Cheers,

-Peter
Received on Thu Oct 25 2007 - 02:43:52 UTC

This archive was generated by hypermail 2.4.0 : Wed May 19 2021 - 11:39:20 UTC