incoming packet on ng_l2tp interface bypass PF firewall rules. not nat, no filter. Fix: unknown. lists.freebsd.org/pipermail/freebsd-net/2012-January/031161.html is not effective on FreeBSD 10 How-To-Repeat: setup l2tp/ipsec LNS on FreeBSD and connect from client(such as android). a packet from client can not filtering or natting.
Hiroaki-san, On Fri, Mar 14, 2014 at 04:05:37PM +0900, HASHI Hiroaki wrote: H> >Environment: H> System: FreeBSD tomba.meridiani.jp 10.0-STABLE FreeBSD 10.0-STABLE #3 r262965: Thu Mar 13 18:44:26 JST 2014 hashiz@stenmark.meridiani.jp:/usr/obj/usr/src/sys/TOMBA amd64 H> H> ng_l2tp: net/mpd5 H> ipsec: security/ipsec-tools H> H> >Description: H> incoming packet on ng_l2tp interface bypass PF firewall rules. H> not nat, no filter. Can you please check whether the issue is fixed or not by r263307 commit to stable/10? -- Totus tuus, Glebius.
State Changed From-To: open->feedback Submitter was asked for feedback.
Gleb-san fixed. But the problem of kern/169620 that was hidden due to this issue will appear again. http://www.freebsd.org/cgi/query-pr.cgi?pr=169620
Responsible Changed From-To: freebsd-bugs->freebsd-pf Over to maintainer(s).
batch change: For bugs that match the following - Status Is In progress AND - Untouched since 2018-01-01. AND - Affects Base System OR Documentation DO: Reset to open status. Note: I did a quick pass but if you are getting this email it might be worthwhile to double check to see if this bug ought to be closed.
*** Bug 169620 has been marked as a duplicate of this bug. ***
Fixed since 10.1-RELEASE