Date: Sun, 23 Nov 2008 10:18:18 +1030 From: "Daniel O'Connor" <darius@dons.net.au> To: "Chris Buechler" <cbuechler@gmail.com> Cc: freebsd-pf@freebsd.org Subject: Re: kern/129060: [pf] [tun] pf doesn't forget the old tun IP Message-ID: <200811231018.28601.darius@dons.net.au> In-Reply-To: <d64aa1760811221412h61747897u11c28686b39961f4@mail.gmail.com> References: <200811220225.mAM2Phuj038059@freefall.freebsd.org> <d64aa1760811221412h61747897u11c28686b39961f4@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
--nextPart1411988.eb2DERsL7l Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable Content-Disposition: inline On Sunday 23 November 2008 08:42:48 Chris Buechler wrote: > On Fri, Nov 21, 2008 at 9:25 PM, <linimon@freebsd.org> wrote: > > Old Synopsis: pf doesn't forget the old tun IP > > New Synopsis: [pf] [tun] pf doesn't forget the old tun IP > > This sounds like the expected behavior, not a bug. You have to kill > your states when your WAN IP changes or else traffic will continue to > be translated via the existing state. I have tried to use -k $oldip but it doesn't fix the problem :( Also, I don't think it is sensible behaviour - if my IP changes any=20 connections are going to die because the other ends of the link will be=20 sending traffic to the old IP. =2D-=20 Daniel O'Connor software and network engineer for Genesis Software - http://www.gsoft.com.au "The nice thing about standards is that there are so many of them to choose from." -- Andrew Tanenbaum GPG Fingerprint - 5596 B766 97C0 0E94 4347 295E E593 DC20 7B3F CE8C --nextPart1411988.eb2DERsL7l Content-Type: application/pgp-signature; name=signature.asc Content-Description: This is a digitally signed message part. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux) iD8DBQBJKJpM5ZPcIHs/zowRAuimAJ4gUVtY6FFAhK/Bsduhj6urEFpsewCfW3wZ be2yLzqIIAv4xAOV3Ndu3dk= =ShYT -----END PGP SIGNATURE----- --nextPart1411988.eb2DERsL7l--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200811231018.28601.darius>