To test IPv6 fragements with extension header, the pf pass rules

author bluhm <bluhm@openbsd.org>

Wed, 7 Jun 2017 20:09:07 +0000 (20:09 +0000)

committer bluhm <bluhm@openbsd.org>

Wed, 7 Jun 2017 20:09:07 +0000 (20:09 +0000)
author bluhm <bluhm@openbsd.org>
Wed, 7 Jun 2017 20:09:07 +0000 (20:09 +0000)
committer bluhm <bluhm@openbsd.org>
Wed, 7 Jun 2017 20:09:07 +0000 (20:09 +0000)
diff --git a/regress/sys/net/pf_fragment/pf.conf b/regress/sys/net/pf_fragment/pf.conf

index 15c8a66..ca761d2 100644 (file)
--- a/regress/sys/net/pf_fragment/pf.conf
+++ b/regress/sys/net/pf_fragment/pf.conf
@@ -1,9 +1,9 @@
  # pf on PF must have these rules in the regress anchor
  
-pass to { $PF_IN/24 $PF_IN6/64 }
-pass to { $RT_IN/24 $RT_IN6/64 }
-pass to { $ECO_IN/24 $ECO_IN6/64 }
-pass to { $RDR_IN/24 $RDR_IN6/64 }
+pass to { $PF_IN/24 $PF_IN6/64 }   allow-opts
+pass to { $RT_IN/24 $RT_IN6/64 }   allow-opts
+pass to { $ECO_IN/24 $ECO_IN6/64 } allow-opts
+pass to { $RDR_IN/24 $RDR_IN6/64 } allow-opts
  
  pass in  to $RDR_IN/24  rdr-to $ECO_IN  allow-opts tag rdr
  pass out                nat-to $PF_OUT  allow-opts tagged rdr
author	bluhm <bluhm@openbsd.org>
	Wed, 7 Jun 2017 20:09:07 +0000 (20:09 +0000)
committer	bluhm <bluhm@openbsd.org>
	Wed, 7 Jun 2017 20:09:07 +0000 (20:09 +0000)