On 2019/09/16 13:14, Michael Glasgow wrote: > After upgrading from 6.2 to 6.5 (amd64), pf rules like this no > longer match as expected: > > pass in on trust inet proto tcp from $net to route "default" > > This used to match traffic from $net destined to any network that would > be routed out the default route. > > The ruleset worked before the upgrade, but no longer. Any idea > what may have changed? > > -- > Michael Glasgow <glas...@beer.net>
I'm not sure what changed, though I don't think I would have expected it to work with 6.2 either, unless you have explicitly used the label "default" when adding that route. It might be work re-asking on OpenBSD's tech@ mailing list instead, I'm not too sure if many people working in that area will see it on this pf list.
