rdr pass log proto udp \
from {<all-public-ip-space>,<all-rfc1918-space>} \
to <pxe-servers> port tftp \
tag ALLOWED \
-> 127.0.0.1 port 6969
There is a pass quick tagged ALLOWED later in rules.
/etc/inetd.conf contains:
acmsoda dgram udp wait root /usr/libexec/tftp-proxy tftp-proxy
Depending on circumstances, we see a lot or a very few of the following
messages:
"pf connection lookup failed (no rdr?)"
We also see very slow tftp response through the 11.1 firewall, with
occasional complete failures.
On 12/03/2017 11:40 AM, Kristof Provost wrote:
> On 2 Dec 2017, at 4:56, John Jasen wrote:
>> Attempts to run tftp-proxy across a freebsd system running pf result in
>> very slow performance and an endless amount of:
>>
>> "pf connection lookup failed (no rdr?)"
>> Is there something that has regressed in 11.1, or am I missing something?
>>
> I’m not aware of any such regressions, but that of course doesn’t mean the
> can’t be there.
>
> Can you post the relevant bits of your rules/configuration? A small test case
> would be ideal.
>
> Regards,
> Kristof
_______________________________________________
freebsd-pf@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-pf
To unsubscribe, send any mail to "freebsd-pf-unsubscr...@freebsd.org"
