Since 5.0 rules injected by relayd includes "on rdomain 0" and "prio 0",
I guess that's not intended ?
Index: pfe_filter.c
===================================================================
RCS file: /cvs/src/usr.sbin/relayd/pfe_filter.c,v
retrieving revision 1.47
diff -u -r1.47 pfe_filter.c
--- pfe_filter.c 19 May 2011 08:56:49 -0000 1.47
+++ pfe_filter.c 2 Mar 2012 16:06:30 -0000
@@ -439,6 +442,8 @@
rio.rule.dst.port[0] = address->port.val[0];
rio.rule.dst.port[1] = address->port.val[1];
rio.rule.rtableid = -1; /* stay in the main routing table */
+ rio.rule.onrdomain = -1;
+ rio.rule.prio[0] = rio.rule.prio[1] = PF_PRIO_NOTSET;
if (rio.rule.proto == IPPROTO_TCP)
rio.rule.timeout[PFTM_TCP_ESTABLISHED] =
