While porting a 4.9 pf.conf to 5.2 I came across something that looks like it might be a bug. The affected line was the pass in rule to send forward FTP requests to the proxy on the firewall.

The following rule would not load:

pass in quick on $IntIf inet proto tcp to port ftp divert-to lo0 port 8021

The error message was:

pf.conf:207: address family mismatch for divert

If lo0 is replaced with 127.0.0.1 then it loads and works correctly. However, 127.0.0.1 is properly substituted for lo0 when using rdr-to.

George
