From owner-freebsd-pf@FreeBSD.ORG Fri Nov 30 12:09:49 2012 Return-Path: Delivered-To: freebsd-pf@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 1C392B04 for ; Fri, 30 Nov 2012 12:09:49 +0000 (UTC) (envelope-from ml@my.gd) Received: from mail-wi0-f180.google.com (mail-wi0-f180.google.com [209.85.212.180]) by mx1.freebsd.org (Postfix) with ESMTP id 902DA8FC13 for ; Fri, 30 Nov 2012 12:09:47 +0000 (UTC) Received: by mail-wi0-f180.google.com with SMTP id hj13so173746wib.13 for ; Fri, 30 Nov 2012 04:09:46 -0800 (PST) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20120113; h=content-type:mime-version:subject:from:in-reply-to:date:cc :message-id:references:to:x-mailer:x-gm-message-state; bh=OzTaH403Iq/eXdQxYQh+K8quh0aCo1IKvjuoaDgqB+g=; b=CbvCTLR+hIHqamtqK8RF5OHmc32Hn3iQMFAandDP9QXfEeH36h+ge2Dx/khwOBbLZs 9nLQj24CeYq5jSI8MLjPXX/Y6vqrsKzGL50GjRJBMPGZ4mqTzHXZvfwgoFpRdN+fow6k xLmJ/jKaJH41pxLDj6sy4BW6p1qekNzhr0UPIh1/7iuHorrMQaLqFy7dkqDab88tlipE 6V/01lzS7ssizMkpL385zRaShgvMcUstAIn8LzkT4uiCsGLDRkEohX/JNgcsEzqIidLO UjT2Rru0sYniKAL8vsJHUb/B9HzkHFIvZGwV2Dqr4xb9HdPRlrtAeTxb+UmssgkQAZXL /R6g== Received: by 10.216.143.101 with SMTP id k79mr381031wej.179.1354277386706; Fri, 30 Nov 2012 04:09:46 -0800 (PST) Received: from dfleuriot-at-hi-media.com ([83.167.62.196]) by mx.google.com with ESMTPS id y3sm15005340wix.6.2012.11.30.04.09.44 (version=TLSv1/SSLv3 cipher=OTHER); Fri, 30 Nov 2012 04:09:45 -0800 (PST) Mime-Version: 1.0 (Mac OS X Mail 6.2 \(1499\)) Subject: Re: pfctl -s rules From: Fleuriot Damien In-Reply-To: <21296179F7C744CE89529A0027FBE9DA@yahoo.com> Date: Fri, 30 Nov 2012 13:09:43 +0100 Message-Id: References: <49BF4308335C496593D1D7C82391C805@yahoo.com> <21296179F7C744CE89529A0027FBE9DA@yahoo.com> To: Laszlo Danielisz X-Mailer: Apple Mail (2.1499) X-Gm-Message-State: ALoCoQnU0XbeOgUS7irz0gyZCE/LIQF+oG8i8SUzKMIdapt9mjEMjcDmtkf1c6vnGlnIb1Xyy0iv Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: quoted-printable X-Content-Filtered-By: Mailman/MimeDel 2.1.14 Cc: freebsd-pf@freebsd.org X-BeenThere: freebsd-pf@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: "Technical discussion and general questions about packet filter \(pf\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 30 Nov 2012 12:09:49 -0000 Okay kindly paste: # pfctl -vnf /etc/pf.conf Let's see if your rules show up. If that works, try # pfctl -f /etc/pf.conf Be aware this will should load your rules and enable them, be careful = not to cut yourself off. If this works, a likely explanation is that pf tried to load rules at = boot and failed for some reason (interface not created at the time, for = example). Also post: # grep pf /etc/rc.conf On Nov 30, 2012, at 1:06 PM, Laszlo Danielisz = wrote: > Nothing is displayed=20 >=20 > ktulu# pfctl -nf /etc/pf.conf > ktulu#=20 >=20 > --=20 > Laszlo Danielisz > Sent with Sparrow >=20 > On 2012 November 30 Friday at 12:02 PM, Fleuriot Damien wrote: >=20 >>=20 >> On Nov 30, 2012, at 12:00 PM, Laszlo Danielisz = wrote: >>=20 >>> Hi Everybody, >>>=20 >>> Recently I've discover the following issues: I can't display my = firewalls rules, and the firewall is enabled. >>> Take a look what is happening: >>>=20 >>> ktulu# pfctl -s rules >>> No ALTQ support in kernel >>> ALTQ related functions disabled >>> ktulu# pfctl -e >>> No ALTQ support in kernel >>> ALTQ related functions disabled >>> pfctl: pf already enabled >>>=20 >>> ktulu# uname -a >>> FreeBSD ktulu.danielisz.eu 8.3-RELEASE-p3 FreeBSD 8.3-RELEASE-p3 #0: = Mon Jun 11 23:52:38 UTC 2012 = root@i386-builder.daemonology.net:/usr/obj/usr/src/sys/GENERIC i386 >>>=20 >>>=20 >>>=20 >>> Do you have any idea why I can not see them? >>>=20 >>> Thx! >>> Laszlo >>=20 >>=20 >>=20 >> Actually, I believe you can see your rules, all the 0 of them. >>=20 >> Try pfctl -nf /etc/pf.conf >>=20 >> See if you have an error when loading the rules, that would explain = it all. >=20