From owner-freebsd-pf@FreeBSD.ORG  Fri Mar  2 09:56:26 2007
Return-Path: <owner-freebsd-pf@FreeBSD.ORG>
X-Original-To: freebsd-pf@freebsd.org
Delivered-To: freebsd-pf@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52])
	by hub.freebsd.org (Postfix) with ESMTP id 45A7416A40F
	for <freebsd-pf@freebsd.org>; Fri,  2 Mar 2007 09:56:26 +0000 (UTC)
	(envelope-from Greg.Hennessy@nviz.net)
Received: from smtp.nildram.co.uk (smtp.nildram.co.uk [195.112.4.54])
	by mx1.freebsd.org (Postfix) with ESMTP id 0F0F513C46B
	for <freebsd-pf@freebsd.org>; Fri,  2 Mar 2007 09:56:26 +0000 (UTC)
	(envelope-from Greg.Hennessy@nviz.net)
Received: from gw2.local.net (unknown [62.3.210.251])
	by smtp.nildram.co.uk (Postfix) with ESMTP id 513BF2BC592
	for <freebsd-pf@freebsd.org>; Fri,  2 Mar 2007 09:56:23 +0000 (GMT)
From: "Greg Hennessy" <Greg.Hennessy@nviz.net>
To: "'Tom Judge'" <tom@tomjudge.com>
References: <45E75454.2060302@tomjudge.com>
	<000601c75ca1$b4d7a570$1e86f050$@Hennessy@nviz.net>
	<45E7F00B.6010306@tomjudge.com>
In-Reply-To: <45E7F00B.6010306@tomjudge.com>
Date: Fri, 2 Mar 2007 09:56:14 -0000
Message-ID: <001901c75cb1$040435a0$0c0ca0e0$@Hennessy@nviz.net>
MIME-Version: 1.0
Content-Type: text/plain;
	charset="us-ascii"
Content-Transfer-Encoding: 7bit
X-Mailer: Microsoft Office Outlook 12.0
Thread-Index: AcdcrrXyTz/FG65ZRciIDPk15lUhawAAjLLw
Content-Language: en-gb
X-Antivirus: avast! (VPS 000720-0, 01/03/2007), Outbound message
X-Antivirus-Status: Clean
Cc: freebsd-pf@freebsd.org
Subject: RE: Tracing packets passing through PF
X-BeenThere: freebsd-pf@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: "Technical discussion and general questions about packet filter
	\(pf\)" <freebsd-pf.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-pf>,
	<mailto:freebsd-pf-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-pf>
List-Post: <mailto:freebsd-pf@freebsd.org>
List-Help: <mailto:freebsd-pf-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-pf>,
	<mailto:freebsd-pf-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Fri, 02 Mar 2007 09:56:26 -0000

> 
> I actually need to see how a packet that the IPSEC code generates is
> passes through PF (What rules it is (not) matching etc).  At the moment
> it seems that it is either a) not passing through pf at all, b) For
> some
> reason not matching the source routing rule.
> 
> Is there anyway to see this, possibly by setting debuging to loud
> (pfctl
> -x loud) ?

Are you filtering on the loopback by any chance ? Or have you set skip on
lo0 ? 



Greg