From owner-freebsd-pf@FreeBSD.ORG  Mon Nov  3 23:29:04 2014
Return-Path: <owner-freebsd-pf@FreeBSD.ORG>
Delivered-To: freebsd-pf@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org
 [IPv6:2001:1900:2254:206a::19:1])
 (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
 (No client certificate requested)
 by hub.freebsd.org (Postfix) with ESMTPS id 3F9B33D3
 for <freebsd-pf@freebsd.org>; Mon,  3 Nov 2014 23:29:04 +0000 (UTC)
Received: from na01-bn1-obe.outbound.protection.outlook.com
 (mail-bn1bon0084.outbound.protection.outlook.com [157.56.111.84])
 (using TLSv1 with cipher ECDHE-RSA-AES256-SHA (256/256 bits))
 (Client CN "mail.protection.outlook.com",
 Issuer "MSIT Machine Auth CA 2" (verified OK))
 by mx1.freebsd.org (Postfix) with ESMTPS id E91F3BA3
 for <freebsd-pf@freebsd.org>; Mon,  3 Nov 2014 23:29:03 +0000 (UTC)
Received: from BLUPR0801MB674.namprd08.prod.outlook.com (10.141.255.11) by
 BLUPR0801MB674.namprd08.prod.outlook.com (10.141.255.11) with Microsoft SMTP
 Server (TLS) id 15.1.11.14; Mon, 3 Nov 2014 23:12:53 +0000
Received: from BLUPR0801MB674.namprd08.prod.outlook.com ([10.141.255.11]) by
 BLUPR0801MB674.namprd08.prod.outlook.com ([10.141.255.11]) with mapi id
 15.01.0011.000; Mon, 3 Nov 2014 23:12:53 +0000
From: David DeSimone <ddesimone@verio.net>
To: Dave Horsfall <dave@horsfall.org>
Subject: RE: Getting tables to work in PF
Thread-Topic: Getting tables to work in PF
Thread-Index: AQHP9xnbTQHXDdnz8k+A79KsL5OFHZxOhISAgAAaBwCAAA5AAIAACkUAgADGcKGAAAqqgA==
Date: Mon, 3 Nov 2014 23:12:52 +0000
Message-ID: <d33209aa2c2e4580928c695d4618d404@BLUPR0801MB674.namprd08.prod.outlook.com>
References: <alpine.BSF.2.00.1411031433070.1220@aneurin.horsfall.org>
 <CAPBZQG2b7=iiGLsj-vtuiaWRUJ-Gk6n9JwCXxVjCMeVEqsuing@mail.gmail.com>
 <alpine.BSF.2.00.1411032002560.1220@aneurin.horsfall.org>
 <CAPBZQG2DKNGSGRNu8+MAdEtyH5vj85dpxRUY2kMwDOZ44f7PJA@mail.gmail.com>
 <alpine.BSF.2.00.1411032123560.1220@aneurin.horsfall.org>
 <BD387CA3-84BE-4BA1-8943-BD77539D8E08@lafn.org>
 <alpine.BSF.2.00.1411040921240.1220@aneurin.horsfall.org>
In-Reply-To: <alpine.BSF.2.00.1411040921240.1220@aneurin.horsfall.org>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach: 
X-MS-TNEF-Correlator: 
x-ms-exchange-transport-fromentityheader: Hosted
x-originating-ip: [173.74.209.33]
x-microsoft-antispam: BCL:0;PCL:0;RULEID:;SRVR:BLUPR0801MB674;
x-exchange-antispam-report-test: UriScan:;
x-forefront-prvs: 0384275935
x-forefront-antispam-report: SFV:NSPM;
 SFS:(10009020)(6009001)(189002)(24454002)(13464003)(377454003)(199003)(33646002)(110136001)(95666004)(107046002)(106116001)(50986999)(105586002)(106356001)(87936001)(15202345003)(2656002)(97736003)(77156002)(54356999)(31966008)(15975445006)(120916001)(19580395003)(76576001)(76176999)(64706001)(93886004)(122556002)(20776003)(99396003)(108616004)(92566001)(101416001)(66066001)(4396001)(40100003)(86362001)(19580405001)(21056001)(46102003)(74316001)(62966003)(24736002);
 DIR:OUT; SFP:1101; SCL:1; SRVR:BLUPR0801MB674;
 H:BLUPR0801MB674.namprd08.prod.outlook.com; FPR:; MLV:sfv; PTR:InfoNoRecords;
 MX:1; A:1; LANG:en; 
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-OriginatorOrg: verio.net
Cc: FreeBSD PF List <freebsd-pf@freebsd.org>
X-BeenThere: freebsd-pf@freebsd.org
X-Mailman-Version: 2.1.18-1
Precedence: list
List-Id: "Technical discussion and general questions about packet filter
 \(pf\)" <freebsd-pf.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/options/freebsd-pf>,
 <mailto:freebsd-pf-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-pf/>
List-Post: <mailto:freebsd-pf@freebsd.org>
List-Help: <mailto:freebsd-pf-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-pf>,
 <mailto:freebsd-pf-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Mon, 03 Nov 2014 23:29:04 -0000

The message " pfctl: DIOCSETSTATUSIF" indicates that pfctl is bombing out b=
efore it actually loads the rules into the kernel.  It's a rather unhelpful=
 message, since it does not point out the source of the problem, though.

A little web searching turned up that most likely your pf.conf references a=
 nonexistent interface name.  Looking through your pf.conf, either your "fx=
p0" interface doesn't exist, or more likely it's this line:

    set skip on lo

I'm pretty sure the loopback name should be "lo0" instead of just "lo".


-----Original Message-----
From: owner-freebsd-pf@freebsd.org [mailto:owner-freebsd-pf@freebsd.org] On=
 Behalf Of Dave Horsfall
Sent: Monday, November 03, 2014 4:31 PM
To: FreeBSD PF List
Subject: Re: Getting tables to work in PF

On Mon, 3 Nov 2014, Doug Hardie wrote:

> What happens when you run:  pfctl -f /etc/pf.conf

aneurin# pfctl -f /etc/pf.conf
No ALTQ support in kernel
ALTQ related functions disabled
pfctl: DIOCSETSTATUSIF

> I suspect you have something in /etc/rc.conf giving a different file for
> the default pf config file.  Your pf.conf file has a bunch of rules,
> none of which are shown in the pfctl output.

That's what I thought, but:

a) it flags syntax errors.

b) it's reading the /etc/spammers file.

--
Dave Horsfall (VK2KFU)  "Bliss is a MacBook with a FreeBSD server."
http://www.horsfall.org/spam.html (and check the home page whilst you're th=
ere)
_______________________________________________
freebsd-pf@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-pf
To unsubscribe, send any mail to "freebsd-pf-unsubscribe@freebsd.org"
This email message is intended for the use of the person to whom it has bee=
n sent, and may contain information that is confidential or legally protect=
ed. If you are not the intended recipient or have received this message in =
error, you are not authorized to copy, distribute, or otherwise use this me=
ssage or its attachments. Please notify the sender immediately by return e-=
mail and permanently delete this message and any attachments. Verio Inc. ma=
kes no warranty that this email is error or virus free. Thank you.