On Mon, Nov 09, 2015 at 08:18:32AM -0500, Shawn Webb wrote:
> I'm using iocage for jailing.
> It's now looking like pf is back to being broken for me. I've tried every 
> combination possible, even hardcoding the values:
> nat on wlan0 from {,} to any ->
> pass in
> pass out
> I have zero idea why this isn't working. It seems that from the 
> documentation, 
> I'm doing everything right. I can see from tcpdump that the packets are 
> getting forwarded, but without the src IP address being rewritten to 
> tcpdump output for a single ICMP packet, pinging to
> 08:12:30.544462 IP > ICMP echo request, id 28131, seq 0, 
> length 64
> That src IP should say

I found the problem: it seems that the new Intel Haswell graphics
support (which I've been running with) is at odds somehow with pf NAT.
Removing Haswell graphics support means working pf NAT.


