On 7/6/23 06:14, Why 42? The lists account. wrote:
> Hi,
> I see that I was not clear enough.
You were not. One of the first things in your initial e-mail was the
following:
"While trying to debug the issue, it occurred to me that it could be a
network / pf problem. This doesn't seem to be the issue though, even
after I disable pf (pfctl -d), the scanner is still not seen."
Is it a pf problem or not? If it is the case your "scanner" thing
doesn't work with pf disabled and no active rules, then this entire
thread makes no sense as you are focusing on something that is not
relevant.
Next steps. Disable pf _and_ flush the rules. Confirm there are no
active rules with pfctl -s all. Run the following:
    tcpdump -ntt -i em0 -w pkts.dat &
Check if your "scanner" thing works.
Case 1: it doesn't work. Reply to this thread closing it due to the
completely irrelevant nature of both its title and content since you
have an entirely separate issue you need to solve first. If you are
unable to figure it out, then start a new thread with a more relevant
title where you only focus on things that matter. The only part of that
thread that should mention pf is how you have it completely disabled,
so you know it is something else. In that thread include the contents
of the tcpdump.
Case 2: it does work. Reply to this thread retracting your false claim
that pf "doesn't seem to be the issue". In that response include the
contents of the tcpdump.
For added clarity, this tcpdump you show is with pf disabled and all
its rules flushed. The tcpdump you showed in the initial e-mail
clearly was with active pf rules.
In the event that you require some form of traffic manipulation (e.g.,
NAT), then obviously you cannot disable pf. In that situation, make
sure your pf.conf rules only contain something similar to the following:
    set skip on lo
    pass out quick on <external_interface> inet from { <lan_0>:network <lan_1>:network ... <lan_n>:network } nat-to <external_ip> static-port
    pass quick