Bug #2598: reply-to on IPv4+6 rules breaks v6 - pfSense - pfSense bugtracker

Actions

Copy link

Bug #2598

closed

reply-to on IPv4+6 rules breaks v6

Added by Chris Buechler over 12 years ago. Updated over 11 years ago.

Status:

Resolved

Priority:

Normal

Assignee:

Category:

Rules / NAT

Target version:

2.1

Start date:

08/16/2012

Due date:

% Done:

100%

Estimated time:

Plus Target Version:

Release Notes:

Affected Version:

2.1-IPv6

Affected Architecture:

Description

The auto-added reply-to on WAN rules in combination with IPv4+v6 rules breaks v6 connectivity, as the v4 IP is included as the reply-to address. Work around is just disabling the reply-to, at least where that's feasible. PF seems to ignore any v6 matching the rule if a v4 reply-to is specified, as it's not just being improperly routed, it's being logged as blocked.

There isn't a clean easy answer here. Splitting the rule, where it requires reply-to or route-to, into two separate rules in rules.debug is probably the best solution.

History
Notes
Property changes
Associated revisions

Actions

Copy link

Also available in: Atom PDF

Project

General

Profile

pfSense

Custom queries

Bug #2598

reply-to on IPv4+6 rules breaks v6

Updated by Ermal Luçi almost 12 years ago

Updated by Ermal Luçi almost 12 years ago

Updated by Bernhard Lichtinger over 11 years ago

Updated by Jim Pingle over 11 years ago