Kristof Provost wrote: > On 2015-11-04 20:31:35 (-0500), Tom Uffner <tom_at_uffner.com> wrote: >> Commit r289932 causes pf rules with broadcast destinations (and some but not >> all rules after them in pf.conf) to be silently ignored. This is bad. > What version did you test exactly? > > There was an issue with r289932 that was fixed in r289940, so if you're > in between those two can you test with something after r289940? thanks for your response. r289940 does not fix the problem that I am seeing. I first discovered it when I updated a -current system (from Jun 30, don't know the exact rev) to r290174 on Oct 30. After finding that many of my net services no longer worked, I isolated rules w/ broadcast addresses as the specific cause of the problem. Then I looked up every commit that touched sys/netpfil/pf from 6/30 to 10/30 and tested a kernel from before & after each one. when r290160 unexpectedly failed, I looked a little deeper and came up with sys/net/pfvars.h and r289932 As I said, I don't know why this change causes a problem (and don't really have time to figure it out at the moment). I just know that <=r289931 works, and that r289932 and greater do not. thanks, tomReceived on Thu Nov 05 2015 - 14:26:06 UTC
This archive was generated by hypermail 2.4.0 : Wed May 19 2021 - 11:41:00 UTC