Re: PF silently dropping IPv6 packets

To: Fredrik Pettai <pettai%nordu.net@localhost>
Subject: Re: PF silently dropping IPv6 packets
From: Martti Kuparinen <martti.kuparinen%iki.fi@localhost>
Date: Tue, 16 Feb 2010 16:00:00 +0200

Fredrik Pettai wrote:

Have you tried to remove the scrubbing?


After removing the "scrub in", I get

15:49:19.114873 rule 46/0(match): block in on vlan200: (hlim 119, next-header:Fragment (44), length: 34) 2001:yyyy:yyyy:yyyy::e0fe > 2001:xxxx:xxxx:xxxx::3:frag (0x00004194:0|26) ICMP6, echo reply, length 26, seq 1


which is this this rule

pass out all flags S/SA keep state (if-bound)

I didn't touch those two with $EXT_IF because our IPv6 traffic is going out on 
gif0.

Follow-Ups:
- Re: PF silently dropping IPv6 packets
  - From: Martti Kuparinen

References:
- PF silently dropping IPv6 packets
  - From: Martti Kuparinen
- Re: PF silently dropping IPv6 packets
  - From: Fredrik Pettai

Prev by Date: Re: PF silently dropping IPv6 packets
Next by Date: Re: PF silently dropping IPv6 packets
Previous by Thread: Re: PF silently dropping IPv6 packets
Next by Thread: Re: PF silently dropping IPv6 packets
Indexes:

Home | Main Index | Thread Index | Old Index