Date: Fri, 17 May 2013 13:47:04 -0500
From: Manoj Ganesan <manoj.ganesan@gmail.com>
To: "freebsd-pf@freebsd.org" <freebsd-pf@freebsd.org>
Subject: Anchor evaluation
Message-ID: <CAOtNLg%2BRghjeG8izpe2%2BmidF913K0T4AuNg%2BN-iuz9qzH-dpUg@mail.gmail.com>

I'm probably doing something very silly here, which I can't figure out. I'm
trying to get an anchor to be evaluated, but I can't seem to get traffic to go
through.

My /etc/pf.conf looks like:

    rdr pass log on ix0 proto udp from 10.0.111.61 to any port 1234 -> 10.0.211.62 port 4321
    nat pass log on ix0 from 10.0.211.62 port 4321 to 10.0.111.61 -> 10.0.111.71 port 1234
    pass out all

I want to replace these by an anchor like so (my /etc/pf.conf looks like):

    anchor my_anchor
    load anchor gamenode from "/usr/home/my_user/my_anchor"

where the /usr/home/my_user/my_anchor looks like:

    rdr pass log on ix0 proto udp from 10.0.111.61 to any port 1234 -> 10.0.211.62 port 4321
    nat pass log on ix0 from 10.0.211.62 port 4321 to 10.0.111.61 -> 10.0.111.71 port 1234
    pass out all

But while the anchor-less case lets packets through, the anchor case doesn't.
Am I doing something wrong here?

Thanks!
Manoj