Re: PF ignores block action when rule contains route-to/dup-to action

Hello, > > As a side effect the patch breaks block rules with dup-to action. dup-to > > action as a part of block rule might make some sense... So if there is > > someone, who really needs block ... dup-to he should opt for equivalent > > rule using pass ... route-to > > > > Also there is one

Re: PF ignores block action when rule contains route-to/dup-to action

> On 01 Sep 2015, at 14:31, Alexandr Nedvedicky > wrote: > >>> As a side effect the patch breaks block rules with dup-to action. dup-to >>> action as a part of block rule might make some sense... So if there is >>> someone, who really needs block ... dup-to he

Re: PF ignores block action when rule contains route-to/dup-to action

On 1 September 2015 at 14:31, Alexandr Nedvedicky wrote: > Hello, > > >> > As a side effect the patch breaks block rules with dup-to action. dup-to >> > action as a part of block rule might make some sense... So if there is >> > someone, who really needs block ...

PF ignores block action when rule contains route-to/dup-to action

Hello, Dilli Paudel in Oracle was playing with PF enough to find funny glitch. He used rule as follows: block in on vnic4 from 192.168.1.0/24 to any route-to 172.16.1.1@vnic5 Many people expect the route-to action is somewhat futile as 'block' action takes precedence here, so packet