https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=216867
Rodney W. Grimes <[email protected]> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |[email protected] --- Comment #3 from Rodney W. Grimes <[email protected]> --- (In reply to Helge Oldach from comment #2) In general the reass should come before any rule that might check a port number, as only the first packet, or a completly reassembled packet has a port number. So I agree it should be moved before the check state, and probably moved even much earlier. The other issue is that net.inet.ip.fw.one_pass must be turned on for this to work, that change requires further considerations and testing. -- You are receiving this mail because: You are the assignee for the bug. _______________________________________________ [email protected] mailing list https://lists.freebsd.org/mailman/listinfo/freebsd-ipfw To unsubscribe, send any mail to "[email protected]"
