On Mon, Nov 09, 2015 at 08:18:32AM -0500, Shawn Webb wrote:
> I'm using iocage for jailing.
> It's now looking like pf is back to being broken for me. I've tried every 
> combination possible, even hardcoding the values:
> nat on wlan0 from {,} to any ->
> pass in
> pass out
> I have zero idea why this isn't working. It seems that from the 
> documentation, 
> I'm doing everything right. I can see from tcpdump that the packets are 
> getting forwarded, but without the src IP address being rewritten to 
> tcpdump output for a single ICMP packet, pinging to
> 08:12:30.544462 IP > ICMP echo request, id 28131, seq 0, 
> length 64
> That src IP should say

I found the problem: it seems that the new Intel Haswell graphics
support (which I've been running with) is at odds somehow with pf NAT.
Removing Haswell graphics support means working pf NAT.


Shawn Webb

GPG Key ID:          0x6A84658F52456EEE
GPG Key Fingerprint: 2ABA B6BD EF6A F486 BE89  3D9E 6A84 658F 5245 6EEE

Attachment: pgpK8LBaWhTDU.pgp
Description: PGP signature

Reply via email to