Project

General

Profile

Bug #2586

pf: "modulate" state seems problematic

Added by srussell about 3 years ago.

Status:
New
Priority:
Normal
Assignee:
-
Category:
-
Target version:
-
Start date:
09/25/2013
Due date:
% Done:

0%


Description

Since 2010, I got constant reboot problems while using some particular configuration for pf.

I finally found the root of the problem. I fixed it by replacing this configuration:

pass out on $ext_if inet proto { tcp udp icmp } all modulate state

with this:

pass out on $ext_if inet proto { tcp udp icmp } all keep state

It seems that de "modulate" state is problematic. Since I replaced it by "keep state", my firewall is working normally without panic or unwanted reboots.

My firewall server is using DragonFly v3.2.2.6.g1bd21-RELEASE in 32 bits.

Also available in: Atom PDF