From: "Michael K. Smith - Adhost" <mksmith@adhost.com>
To: "Brian McCann", "freebsd-questions" <freebsd-questions@freebsd.org>
Date: Wed, 25 Nov 2009 11:15:10 -0800
Subject: RE: pf nuttyness

> -----Original Message-----
> From: owner-freebsd-questions@freebsd.org [mailto:owner-freebsd-questions@freebsd.org] On Behalf Of Brian McCann
> Sent: Tuesday, November 24, 2009 3:03 PM
> To: freebsd-questions
> Subject: pf nuttyness
>
> I'm at the end of my rope here with PF. I have a ruleset loaded, that
> is long and complicated...but I've shortened it to a "pass all" rule.
> The box has 4 interfaces, one for pfsync, one for me to connect to it,
> and two bridged interfaces. The only traffic on the bridged
> interfaces is STP and IP multicast traffic from my EIGRP routers.
> When I run "pfctl -s rules -v", the EIGRP multicast traffic never hits
> any rules...yet it's allowed.
>
> I'm on FreeBSD 7.1.
>
> Has anyone else come across this before? I'm ready to throw out
> FreeBSD 7.1 and try OpenBSD for pf use...which would be a shame since
> I use FreeBSD for all my other servers, and having 2 OpenBSD boxes
> would just be... weird...
>
> --Brian
>

For troubleshooting, try this:

Block in all log (remove all other log statements)

tcpdump -n -e -ttt -i pflog0

That's provided you set up a pflog0 interface. If not, add this to rc.conf

pflog_enable="YES"
pflog_logfile="/var/log/pflog"

and 'ifconfig pflog0 up'

Mike
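Mike's suggestion written out as a minimal troubleshooting pf.conf; this is an added example, not a ruleset from the thread, and the interface names (em0 through em3) are assumptions to adjust to the box. The point of the layout is that `block in log all` is the only rule carrying `log`, so anything pf evaluates on the bridge members and does not explicitly pass shows up on pflog0, while traffic that keeps flowing yet never appears there and never bumps a counter in `pfctl -s rules -v` is not being seen by pf at all.

```pf
# Troubleshooting ruleset (assumed interface names; adjust to your box).
mgmt_if = "em0"           # interface you ssh in on
sync_if = "em1"           # pfsync interface
br_ifs  = "{ em2, em3 }"  # the two bridged members

# The only rule with 'log': every packet pf evaluates on any interface
# and does not pass below is written to pflog0.
block in log all

# Keep management and pfsync working while the block rule is in place.
pass in quick on $mgmt_if proto tcp to port 22
pass in on $sync_if proto pfsync

# EIGRP hellos: IP protocol 88 to 224.0.0.10 (RFC 7868). No 'log' here,
# so a bridge-member packet on pflog0 is one this rule did not match.
# If the hellos keep flowing but never show on pflog0 and never
# increment this rule's counters in 'pfctl -s rules -v', pf is not
# seeing the bridged traffic at all.
pass in on $br_ifs proto 88 from any to 224.0.0.10
```

With this loaded, `tcpdump -n -e -ttt -i pflog0` prints, for each logged packet, the interface and the number of the rule that logged it, so a rule number other than the block rule's means a stray `log` is still in the ruleset.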