On Wed, Jul 11, 2012 at 11:52:41AM +0200, Peter J. Philipp wrote:
> On Tue, Jul 10, 2012 at 09:34:04PM +0200, Peter J. Philipp wrote:
>
> > # pfctl -srules
> > pass all flags S/SA
> > block drop in on ! lo0 proto tcp from any to any port 6000:6010
> > block drop in on re0 inet from <fuckoff> to any
> > pass in on re0 inet proto udp from any to any port = 53 scrub (reassemble
> > tcp) divert-packet port 9999
>
> I have taken the code from divert(4) manpage and applied it to the above
> divert-packet rule. Here is what I see:
>
> # ./testd
> 192.168.4.1:41863 -> 192.168.4.2:53
> 192.168.4.2:53 -> 192.168.4.1:41863
>
> But the packets never make it out to host 192.168.4.1 at all, they get dropped
> somewhere. netstat -s says there is no error on the divert: section.
>
> > Any small hint would be appreciated,
>
> -peter

Obvious thing to check: return value from sendto(2).

-Otto
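
The check suggested above, as an added example that is not part of the original thread and not the divert(4) manpage code. reinject_checked() is a hypothetical wrapper for the sendto(2) call in a divert reinjection loop, and main() uses a constructed AF_UNIX socketpair as a stand-in for the divert socket so it runs on any system.

```c
#include <errno.h>
#include <stdio.h>
#include <string.h>
#include <sys/types.h>
#include <sys/socket.h>
#include <unistd.h>

/*
 * Hypothetical helper: returns 0 if the kernel accepted the whole packet,
 * otherwise a positive errno value (EMSGSIZE is used for a short write).
 */
int
reinject_checked(int fd, const void *pkt, size_t len,
    const struct sockaddr *to, socklen_t tolen)
{
	ssize_t n;

	do {	/* retry only when interrupted by a signal */
		n = sendto(fd, pkt, len, 0, to, tolen);
	} while (n == -1 && errno == EINTR);

	if (n == -1) {
		int e = errno;	/* save before stdio can clobber it */
		fprintf(stderr, "sendto: %s (errno %d)\n", strerror(e), e);
		return e;
	}
	if ((size_t)n != len) {
		fprintf(stderr, "sendto: short write %zd of %zu\n", n, len);
		return EMSGSIZE;
	}
	return 0;
}

int
main(void)
{
	int sv[2];
	const char pkt[] = "constructed payload";

	/* Constructed stand-in for the divert socket. */
	if (socketpair(AF_UNIX, SOCK_DGRAM, 0, sv) == -1)
		return 1;
	printf("good fd -> %d\n", reinject_checked(sv[0], pkt, sizeof(pkt), NULL, 0));
	printf("bad fd  -> %d\n", reinject_checked(-1, pkt, sizeof(pkt), NULL, 0));
	close(sv[0]);
	close(sv[1]);
	return 0;
}
```

In the divert loop, pass the same sockaddr and length that recvfrom(2) filled in, and log the returned errno next to the addresses already being printed.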