From: "Patrick Goggins"
Delivered-To: freebsd-net@freebsd.org
Date: Thu, 19 Mar 2009 10:01:42 -0500
Subject: multiple interfaces and pf rdr bug
List-Id: Networking and TCP/IP with FreeBSD

When configuring a system with three interfaces, two of them as a transparent bridge and a management interface, one could configure the rules to allow users to connect to the management interface from behind the bridge. However, if an rdr rule is applied to force this, then the clients' connections time out. If the clients with this rule applied attempt to go directly to the management interface, they are able to, and if the rdr rule is changed to anything other than the management interface, it works. There are allow rules created on the inside interface of the bridge, and all other interfaces are set to skip. Can anyone else confirm this is a bug or correct me on my logic?

~Patrick