>Number: 187566
>Category: kern
>Synopsis: incoming ng_l2tp/ipsec packets bypass PF firewall
>Confidential: no
>Severity: serious
>Priority: medium
>Responsible: freebsd-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: sw-bug
>Submitter-Id: current-users
>Arrival-Date: Fri Mar 14 07:10:00 UTC 2014
>Closed-Date:
>Last-Modified:
>Originator: HASHI Hiroaki
>Release: FreeBSD 10.0-STABLE amd64
>Organization:
person
>Environment:
System: FreeBSD tomba.meridiani.jp 10.0-STABLE FreeBSD 10.0-STABLE #3 r262965:
Thu Mar 13 18:44:26 JST 2014
[email protected]:/usr/obj/usr/src/sys/TOMBA amd64
ng_l2tp: net/mpd5
ipsec: security/ipsec-tools
>Description:
Incoming packets on the ng_l2tp interface bypass PF firewall rules.
No NAT, no filter.
>How-To-Repeat:
Set up an L2TP/IPsec LNS on FreeBSD and connect from a client (such as
Android).
Packets from the client cannot be filtered or NATed.
>Fix:
Unknown.
lists.freebsd.org/pipermail/freebsd-net/2012-January/031161.html
is not effective on FreeBSD 10.
>Release-Note:
>Audit-Trail:
>Unformatted: