Turns out there’s another issue with PF, IPv6 and TCP - this time its concerning the reassemble tcp packet scrubbing option.
Again, don’t turn it on for IPv6, as you’ll have issues making incoming TCP connections over IPv6 (outgoing didn’t seem to be affected in my tests).
You’ll want to instruct PF to apply reassemble tcp option for IPv4 only:
1
| |
I’m curious to know if this issue is specifically with the FreeBSD version of PF or is the latest OpenBSD version is affected by these issues as well?