https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=206143
--- Comment #26 from Anatoly <anat...@kazanfieldhockey.ru> --- I see no problem with rules, but they are referring to two address tables that is used as "blacklists": snort2c and webConfiguratorlockout. Can you show me content of those tables (while ue0 as lan): #pfctl -t snort2c -T show #pfctl -t webConfiguratorlockout -T show And your nat/redirect rules also: #pfctl -s nat The other situation I can think of is if ue0 disappears from the system (for some USB related matters) after pf rules was loaded. And when it appears back, pf may have troubles to handle it (although it must). Can you check output of #dmesg or /var/log/messages to see if some USB disconnects of ue0 occurs? Anyway, in such a situations clearing firewall state and reloading rules again may help. You may try: Just for sure #pfctl -d Test. #pfctl -e Clear pf state tables: #pfctl -F state Test. Clear pf address tables (your blacklists e.t.c.) #pfctl -F Tables Test. Now you need pf config (rules) file to reload. Simplest is to dump existing rules: #pfctl -s rules > aa (it's like previously created 'a', but without anchors information. You may also use 'a' but it needs to remove by hand all "anchor "*" all { }") Check that file isn't empty. This file will not contain nat/redirects, but enough for test. Or, in FreeBSD default location for pf config that is applied at boot is /etc/pf.conf. You may examine that file to see if it contain similar rules and have right modification date. Clear everything: #pfctl -F all Load rules back: #pfctl -f aa See if no errors occurs. Test. -- You are receiving this mail because: You are the assignee for the bug. _______________________________________________ freebsd-usb@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/freebsd-usb To unsubscribe, send any mail to "freebsd-usb-unsubscr...@freebsd.org"