https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=268717
--- Comment #6 from d...@rabson.org --- Created attachment 239274 --> https://bugs.freebsd.org/bugzilla/attachment.cgi?id=239274&action=edit possible fix for redirects initiated by localhost Redirect rules are triggered on PF_IN events to allow the rule to replace the destination address+port and also on PF_OUT events to reverse the replacement for packets flowing back towards the original source address. If the source is a local address, this second event is not triggered since the return packet is delivered to the local protocol stack. A possible fix is to simulate the PF_OUT event for packets destined for local processing, allowing the second part of the redirect to be applied. This does conflict with source address validation in 14-current which I'm disabling for testing. That could be mitigated by relaxing source address validation to allow packets with non-local source addresses pre-filtering. -- You are receiving this mail because: You are the assignee for the bug.
