Sebastian Benoit([email protected]) on 2012.01.03 23:01:17 +0100:
> > Can you confirm that this bug happens in a plain PF setup also (i.e.
> > without relayd beeing involved)?
>
> Yes, i just chose to use the relayd anchor (as in the commands above), but
> in most of my test, especially today when i checked different kernels relayd
> was never started.
just to be clear, this also works:
in main pf.conf:
table <http_27c3> persist
pass in quick on rdomain 0 inet6 proto tcp from any \
to 2a00:15a8:6:100::27c3 port = 80 flags S/SA \
keep state (tcp.established 600) tag RELAYDHTTP \
rdr-to <http_27c3> port 80 round-robin prio 0
and then
# pfctl -t http_27c3 -T add 2a00:15a8:6:100:5054:ff:fe00:69
# pfctl -t http_27c3 -T add 2a00:15a8:6:100:5054:ff:fe00:67
# pfctl -t http_27c3 -T show
2a00:15a8:6:100:5054:ff:fe00:67
2a00:15a8:6:100:5054:ff:fe00:69
[get url until 2a00:15a8:6:100:5054:ff:fe00:69 was hit]
# pfctl -t http_27c3 -T delete 2a00:15a8:6:100:5054:ff:fe00:69
-> next get request times out
and also with ipv4...
/Benno
