freebsd 7.1 pf route-to connection stall
Tom Uffner
tom at uffner.com
Mon Mar 2 11:29:38 PST 2009
Link wrote:
> Thanks for your reply.
> Tried rules you`ve listed.
> Does not help....
> I`ve checked with tcpdump packets are still going out using default route.
hmm. it sounds like packets aren't matching the rules.
at this point all I can suggest is adding an explicit "pass log all" as
the first rule in your config, and then testing either your ruleset or
my ruleset by adding "log" to all of the rules and check that packets
are matching appropriately. for much more detail you can change "log"
to "log (all)" to capture _every_ packet, not just the ones that create
state.
be careful though. running full logging will consume lots of disk if used
in production rather than just while debugging.
tom
More information about the freebsd-pf
mailing list