Date: Wed, 2 Dec 2015 16:48:05 +0100
From: Daniel Bilik
To: Julian Elischer
Cc: freebsd-net@freebsd.org
Subject: Re: Outgoing packets being sent via wrong interface
List-Id: Networking and TCP/IP with FreeBSD

On Tue, 1 Dec 2015 12:16:45 +0100
Daniel Bilik wrote:

> But next time it happens, I'll try to reload pf rules, and also to
> disable pf completely...

Done. First I've tried to flush nat...

# pfctl -f /etc/pf.conf -F nat -O -N
nat cleared

... then rules...

# pfctl -f /etc/pf.conf -F rules -O -R -Tl
rules cleared

... but neither has helped. Ping to affected host has been reporting the
known error all the time...

ping: sendto: Operation not permitted

Next, I've disabled pf completely...

# pfctl -d
pf disabled

... which changed ping error message to...

ping: sendto: Host is down

... and tcpdump(1) confirmed that packets are still going via wrong
interface...

# tcpdump -i re0 -n icmp
07:54:44.538326 IP 82.x.y.50 > 192.168.2.33: ICMP echo request, id 54720, seq 24, length 64

... now not being dropped by pf, but without any echo response (for
obvious reasons).

Again, refreshing default route solved the problem instantly.

--
Dan