Re: Connection closed when npf restarting with rules in non-default group

To: tech-net%NetBSD.org@localhost
Subject: Re: Connection closed when npf restarting with rules in non-default group
From: Frédéric Fauberteau <triaxx%NetBSD.org@localhost>
Date: Fri, 28 Jun 2024 17:37:11 +0200

Frédéric Fauberteau writes:

    group default {
      # [...]
      # SSH
pass stateful in final family inet4 proto tcp to $ext_ip4 portsshpass stateful in final family inet6 proto tcp to $ext_ip6 portssh
      # [...]
    }

Actually, 'service npf restart' closes connection if "on" interface isadded to the rule:

pass stateful in final on $ext_if family inet4 proto tcp to$ext_ip4 port sshpass stateful in final on $ext_if family inet6 proto tcp to$ext_ip6 port ssh


Is it a bug or a feature?

Follow-Ups:
- Re: Connection closed when npf restarting with rules in non-default group
  - From: triaxx

References:
- Connection closed when npf restarting with rules in non-default group
  - From: Frédéric Fauberteau

Prev by Date: Connection closed when npf restarting with rules in non-default group
Next by Date: Re: Connection closed when npf restarting with rules in non-default group
Previous by Thread: Connection closed when npf restarting with rules in non-default group
Next by Thread: Re: Connection closed when npf restarting with rules in non-default group
Indexes:

Home | Main Index | Thread Index | Old Index