Hi Alexandr, Of course! I've redacted parts of the IP addresses though, but left enough to make them useful (I hope), if needed.
--8<-- match in on egress all scrub (no-df random-id max-mss 1280) block drop in on ! egress inet6 from 2a05:f480:<redacted>::/64 to any block drop in on ! egress inet from 70.<redacted>.0/23 to any block drop in on vio0 inet6 from fe80::5400:5ff:fe87:389f to any block drop in inet6 from 2a05:f480:<redacted>:389f to any block drop in inet from 70.<redacted>.112 to any pass in quick on egress inet6 proto tcp from 2a05:f480:<redacted>:389f to 2a05:f480:<redacted>:389f port = 22 flags S/FSRA set (prio 7) pass in quick on egress inet6 proto tcp from 2a05:f480:<redacted>:4276 to 2a05:f480:<redacted>:389f port = 22 flags S/FSRA set (prio 7) pass in quick on egress inet6 proto tcp from 2a05:f480:<redacted>:69ab to 2a05:f480:<redacted>:389f port = 22 flags S/FSRA set (prio 7) pass in quick on egress inet proto tcp from <__automatic_a96e4b04_0> to 70.<redacted>.112 port = 22 flags S/FSRA set (prio 7) block drop in quick from <shitheads> to any block drop in quick from urpf-failed to any block drop in quick from no-route to any block drop in quick inet proto udp from any to 239.255.255.0/24 block drop log all pass in quick on egress inet6 proto ipv6-icmp all icmp6-type toobig max-pkt-rate 10/3 set (prio 0) pass in quick on egress inet6 proto ipv6-icmp all icmp6-type timex max-pkt-rate 10/3 set (prio 0) pass in quick on egress inet6 proto ipv6-icmp all icmp6-type echoreq max-pkt-rate 10/3 set (prio 0) pass in quick on egress inet6 proto ipv6-icmp all icmp6-type routersol max-pkt-rate 10/3 set (prio 0) pass in quick on egress inet6 proto ipv6-icmp all icmp6-type routeradv max-pkt-rate 10/3 set (prio 0) pass in quick on egress inet6 proto ipv6-icmp all icmp6-type neighbrsol max-pkt-rate 10/3 set (prio 0) pass in quick on egress inet6 proto ipv6-icmp all icmp6-type neighbradv max-pkt-rate 10/3 set (prio 0) pass in quick on egress inet6 proto ipv6-icmp all icmp6-type redir max-pkt-rate 10/3 set (prio 0) pass in quick on egress inet proto icmp all icmp-type echorep max-pkt-rate 10/3 set (prio 0) pass in quick on egress inet proto icmp all icmp-type unreach max-pkt-rate 10/3 set (prio 0) pass in quick on egress inet proto icmp all icmp-type squench max-pkt-rate 10/3 set (prio 0) pass in quick on egress inet proto icmp all icmp-type echoreq max-pkt-rate 10/3 set (prio 0) pass in quick on egress inet proto icmp all icmp-type timex max-pkt-rate 10/3 set (prio 0) pass in quick on egress inet proto icmp all icmp-type trace max-pkt-rate 10/3 set (prio 0) pass in quick on egress inet proto tcp from 70.<redacted>.112 to 70.<redacted>.112 port = 5432 flags S/FSRA set (prio 3) pass in quick on egress inet proto tcp from 78.<redacted>.101 to 70.<redacted>.112 port = 5432 flags S/FSRA set (prio 3) pass in quick on egress inet proto tcp from 65.<redacted>.91 to 70.<redacted>.112 port = 5432 flags S/FSRA set (prio 3) pass in quick on egress inet6 proto tcp from 2a05:f480:<redacted>:389f to 2a05:f480:<redacted>:389f port = 5432 flags S/FSRA set (prio 3) pass in quick on egress inet6 proto tcp from 2a05:f480:<redacted>:4276 to 2a05:f480:<redacted>:389f port = 5432 flags S/FSRA set (prio 3) pass in quick on egress inet6 proto tcp from 2a05:f480:<redacted>:69ab to 2a05:f480:<redacted>:389f port = 5432 flags S/FSRA set (prio 3) pass in quick on egress inet6 proto tcp from any to 2a05:f480:<redacted>:389f port = 80 flags S/FSRA set (prio 3) pass in quick on egress inet6 proto tcp from any to 2a05:f480:<redacted>:389f port = 443 flags S/FSRA set (prio 3) pass in quick on egress inet proto tcp from any to 70.<redacted>.112 port = 80 flags S/FSRA set (prio 3) pass in quick on egress inet proto tcp from any to 70.<redacted>.112 port = 443 flags S/FSRA set (prio 3) pass out all flags S/SA --8<-- Jesper Wallin On Fri, Nov 28, 2025 at 09:11:33AM +0100, Alexandr Nedvedicky wrote: > Hello Jesper, > > thank you for report. can you share rules which are loaded > to kernel when crash happens? > output of 'pfctl -sr' should be sufficient. > > thanks a lot > regards > sashan
