You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
a) Using the "!" together with variables causes a core dump, listing the networks as CDIR works well.
...
$iscsi_net = { 192.168.209.0/24 }
$nfs_net = { 192.168.210.0/24 }
$ihome_net = { 192.168.217.0/24 }
...
group "iscsi_in" in on $iscsi_if {
# block all
block all apply "log_block"
# allow ping
pass stateful final proto icmp icmp-type 8 from $iscsi_net to !{ $nfs_net, $ihome_net } apply "log_ok"
}
...
gw4 /root > npfctl reload
Segmentation fault (core dumped)
modifying the pass line:
...
pass stateful final proto icmp icmp-type 8 from $iscsi_net to !{ 192.168.210.0/24, 192.168.217.0/24 } apply "log_ok"
...
gw4 /root > npfctl reload
gw4 /root > npfctl show
# filtering: active
# config: loaded
...
group "iscsi_in" in on vlan5 { # id="6"
block all apply "log_block" # id="7"
pass stateful final family inet4 proto icmp icmp-type 8 from 192.168.209.0/24 to { 192.168.210.0/24, 192.168.217.0/24 } apply "log_ok" # id="8"
}
...
b) npfctl show does not show the "!", although the negation logic seems works well.
Environment:
NetBSD 10.0 within Virtual Machine Manager on Ubuntu 24.04
NetBSD gw4.example.org 10.0 NetBSD 10.0 (GENERIC) #0: Thu Mar 28 08:33:33 UTC 2024 mkrepro@mkrepro.NetBSD.org:/usr/src/sys/arch/amd64/compile/GENERIC amd64
The text was updated successfully, but these errors were encountered:
Description
a) Using the "!" together with variables causes a core dump, listing the networks as CDIR works well.
modifying the
passline:b)
npfctl showdoes not show the "!", although the negation logic seems works well.Environment:
NetBSD gw4.example.org 10.0 NetBSD 10.0 (GENERIC) #0: Thu Mar 28 08:33:33 UTC 2024 mkrepro@mkrepro.NetBSD.org:/usr/src/sys/arch/amd64/compile/GENERIC amd64The text was updated successfully, but these errors were encountered: