From owner-freebsd-pf@FreeBSD.ORG Thu Apr 4 18:14:06 2013 Return-Path: Delivered-To: freebsd-pf@freebsd.org Received: from mx1.freebsd.org (mx1.FreeBSD.org [8.8.178.115]) by hub.freebsd.org (Postfix) with ESMTP id D27B8495 for ; Thu, 4 Apr 2013 18:14:06 +0000 (UTC) (envelope-from mikemacleod@gmail.com) Received: from mail-ie0-x232.google.com (mail-ie0-x232.google.com [IPv6:2607:f8b0:4001:c03::232]) by mx1.freebsd.org (Postfix) with ESMTP id AA6C6692 for ; Thu, 4 Apr 2013 18:14:06 +0000 (UTC) Received: by mail-ie0-f178.google.com with SMTP id bn7so3441719ieb.9 for ; Thu, 04 Apr 2013 11:14:06 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=x-received:mime-version:in-reply-to:references:from:date:message-id :subject:to:cc:content-type; bh=wJZUWMKZb7XtzJPFY5gOsCD0FYbLlJiAEBLZfNHzNcg=; b=gVKO8bIARm+8/15aWuHKGHnZin6xuiXkbGrsl/Boid9exb1p9wT2INCegn+1BAxrxx /7Ft2BO8ug1b5OyhXOMKORzBOWc945Z1Jy29JRB/E8OfC2gwHv5k5+2ql7chkiheU5G0 rXLAyPtJ1ststgGTVRqoILD5cm1MiRwvyyMr00bS7a4r4tCIrm2my09mst/zC5tmxl79 l4rkTncEY6f7FIA1QqlM0ujjFQF+8IBpV0iNqikIdmzmUbfSNoMRVGOyPpkdCULmfmM7 KIGvJIiOTDbLop5i/RFx8a8mcUrb2WnQHSWQgWliKbhnAhAmREOoqgwwEqobegWUpLpa h0MQ== X-Received: by 10.42.247.8 with SMTP id ma8mr3788431icb.1.1365099246364; Thu, 04 Apr 2013 11:14:06 -0700 (PDT) MIME-Version: 1.0 Received: by 10.64.106.161 with HTTP; Thu, 4 Apr 2013 11:13:46 -0700 (PDT) In-Reply-To: <515D8F9D.3080001@innolan.dk> References: <515D8F9D.3080001@innolan.dk> From: Michael MacLeod Date: Thu, 4 Apr 2013 14:13:46 -0400 Message-ID: Subject: Re: Filtering bridge with pf. To: Carsten Sonne Larsen Content-Type: text/plain; charset=ISO-8859-1 X-Content-Filtered-By: Mailman/MimeDel 2.1.14 Cc: freebsd-pf@freebsd.org X-BeenThere: freebsd-pf@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: "Technical discussion and general questions about packet filter \(pf\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 04 Apr 2013 18:14:06 -0000 Without seeing the ruleset in question it's hard to say, but if rule 2 also uses the quick keyword, then it won't reach the certain expected rule you mention. Again, hard to say without seeing at least rule 2 and the expected rule, and better the whole ruleset. On Thu, Apr 4, 2013 at 10:35 AM, Carsten Sonne Larsen wrote: > Hello guy, > > I am using pf to implement a filtering bridge but Im experinces some > strange behaviour from pf. While using tcpdump I get entries like this: > > 16:25:45.998253 rule 2..16777216/0(match): block in on rl0: > 192.168.0.1.32768 > 239.255.255.250.1900: UDP, length 339 > > I am using the keyword *quick* and would expect a certain rule match > instead of rule 2..16777216 > > Also using pftop for some reason states does not expire while looking in > the rules view. > > Could this be due a miscompiled kernel or maybe simply a faulty > configuration ? Im using 9.1 on a AMD Geode CPU. > > Thanks in advance. > > Carsten Sonne Larsen > > ______________________________**_________________ > freebsd-pf@freebsd.org mailing list > http://lists.freebsd.org/**mailman/listinfo/freebsd-pf > To unsubscribe, send any mail to "freebsd-pf-unsubscribe@**freebsd.org > " >