Date:      Tue, 19 Aug 2014 00:47:39 +0000
From:      bugzilla-noreply@freebsd.org
To:        freebsd-net@FreeBSD.org
Subject:   [Bug 191975] [ng_iface] [regression] in 10.0: cannot contact local services
Message-ID:  <bug-191975-2472-sbfNTcoGJU@https.bugs.freebsd.org/bugzilla/>
In-Reply-To: <bug-191975-2472@https.bugs.freebsd.org/bugzilla/>
References:  <bug-191975-2472@https.bugs.freebsd.org/bugzilla/>

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=191975

--- Comment #3 from dgilbert@eicat.ca ---
I continue to try to eke out what's happening here.  I had an idea: Why don't I
create a firewall rule:

rdr on ng1 inet proto tcp from any to 66.96.16.3 port = 2222 -> 66.96.16.3 port 22

and then I can try this.  Well...

[2:54:354]root@owl:~> pfctl -vs nat
No ALTQ support in kernel
ALTQ related functions disabled
rdr on ng1 inet proto tcp from any to 66.96.16.3 port = 2222 -> 66.96.16.3 port 22
  [ Evaluations: 118329    Packets: 7         Bytes: 356         States: 1     ]
  [ Inserted: uid 0 pid 43426 State Creations: 1     ]
[2:55:355]root@owl:~> netstat -an | grep 22
tcp4       0      0 66.96.16.3.22          66.96.16.11.53211      ESTABLISHED
tcp4       0      0 *.22                   *.*                    LISTEN
tcp6       0      0 *.22                   *.*                    LISTEN

so... PF sees the SYN packets, but the local TCP stack does not.

Sigh.  Help?

-- 
You are receiving this mail because:
You are the assignee for the bug.


