Strange problem with ipfilter
- From: Stephen Clark <Stephen.Clark@xxxxxxxxxx>
- Date: Mon, 30 Oct 2006 12:41:40 -0500
Hello List,
We are having a strange problem with RELENG_6_1 and ipfilter 4.1.8.
We are running gre tunnels over fast_ipsec tunnels. We have the following
rule in ipf:
pass out proto icmp from any to any keep state
When we ping from the remote end across the ipsec tunnel to the ipsec local endpoint
address it works fine.
When we ping the local gre endpoint from the remote end ipf blocks the icmp-reply.
This works with 4.9 and ipfilter 3.4.31.
We can work around this by disabling the ipf rule - but is anyone
else experiencing problems with ipfilter 4.1.8?
Thanks,
Steve
--
"They that give up essential liberty to obtain temporary safety, deserve neither liberty nor safety." (Ben Franklin)
"The course of history shows that as a government grows, liberty decreases." (Thomas Jefferson)
_______________________________________________
freebsd-stable@xxxxxxxxxxx mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-stable
To unsubscribe, send any mail to "freebsd-stable-unsubscribe@xxxxxxxxxxx"
- Prev by Date: panic: vfs_getopt: caller passed 'opts' as NULL
- Next by Date: Re: ggated not working on 6.2-PRERELEASE
- Previous by thread: panic: vfs_getopt: caller passed 'opts' as NULL
- Next by thread: Re: FreeBSD 6 freeze
- Index(es):
Relevant Pages
|
|
