Date: Tue, 24 Nov 2009 18:02:42 -0500
From: Brian McCann <bjmccann@gmail.com>
To: freebsd-questions <freebsd-questions@freebsd.org>
Subject: pf nuttyness
Message-ID: <2b5f066d0911241502x2395b7aey328455f67a9b5d6@mail.gmail.com>

I'm at the end of my rope here with PF. I have a ruleset loaded that is long and complicated...but I've shortened it to a "pass all" rule. The box has 4 interfaces: one for pfsync, one for me to connect to it, and two bridged interfaces. The only traffic on the bridged interfaces is STP and IP multicast traffic from my EIGRP routers. When I run "pfctl -s rules -v", the EIGRP multicast traffic never hits any rules...yet it's allowed. I'm on FreeBSD 7.1.

Has anyone else come across this before? I'm ready to throw out FreeBSD 7.1 and try OpenBSD for pf use...which would be a shame since I use FreeBSD for all my other servers, and having 2 OpenBSD boxes would just be... weird...

--Brian

--
_-=-_-=-_-=-_-=-_-=-_-=-_-=-_-=-_-=-_-=-_-=-_
Brian McCann

"I don't have to take this abuse from you -- I've got hundreds of people waiting to abuse me."
-- Bill Murray, "Ghostbusters"