Hello Giannis,
can you give a try diff below? it is against current, but it should
apply to 7.3 too.
the change makes pf(4) to honor PERSISTENT flag set by pfctl command
line tool as well as relayd. PERISTENT flag makes tables to survive
rules clenup. It should prevent tables created by relayd to disappear
when rules are flushed. relyad should clean up those tables when
it exits.
please let me know if diff below prevents your relayd from abort
when host is disabled. you need to apply diff, recompile kernel
and reboot.
thanks for your help
regards
sashan
--------8<---------------8<---------------8<------------------8<--------
diff --git a/sys/net/pf_table.c b/sys/net/pf_table.c
index 6f23a6f795d..c862c804f84 100644
--- a/sys/net/pf_table.c
+++ b/sys/net/pf_table.c
@@ -1565,8 +1565,10 @@ pfr_add_tables(struct pfr_table *tbl, int size, int
*nadd, int flags)
xadd++;
} else if (!(flags & PFR_FLAG_DUMMY) &&
!(p->pfrkt_flags & PFR_TFLAG_ACTIVE)) {
- p->pfrkt_nflags = (p->pfrkt_flags &
- ~PFR_TFLAG_USRMASK) | PFR_TFLAG_ACTIVE;
+ p->pfrkt_nflags =
+ (p->pfrkt_flags & ~PFR_TFLAG_USRMASK) |
+ (n->pfrkt_flags & PFR_TFLAG_USRMASK) |
+ PFR_TFLAG_ACTIVE;
SLIST_INSERT_HEAD(&changeq, p, pfrkt_workq);
}
}
