List, Forgive me, I'm only smart enough to get myself into trouble unfortunately.
My PF edge router has been cruising along for sometime now (years) without problems, doing just ask I ask of it. For some reason today it decided to stop serving webpages from my internal webserver. NOTHING changed anywhere to the best of my knowledge. I'm the only user on all of the servers in question, so if something did change then I was "haxored".
The only thing that has broken apparently is inbound webpage redirects. I'm still getting my E-mail, I'm still browsing the Internet, and that's about all that I care about.
I tcpdumped each step. You can see it coming in on the pppoe0, going through pflog0 and then out on the internal NIC xl0, but the webserver doesn't see it coming in on it's NIC fxp0. What's really weird is that if I change my pf.conf to redirect to a different host it works. Also if I try to look at webpages on the main webserver from the PF router (or anywhere else on the internal LAN) they serve up fine. It's only when PF has to redirect the pages to THAT SPECIFIC HOST that it falls apart.
I will repeat that using different words so as to not confuse anyone: logged into the edge router in question, "lynx internal_webserver" works just fine, but from the outside world browsing to "jrssite.com" or even my public IP do not work (see for yourself). If I change my "rdr" rule to a different IP (all of my internal stuff is IP based, no internal DNS) with apache running it works fine, inside or outside.
Can anyone make sense of why this would happen knowing that my pf rules didn't change from the time that it did work to the time it didn't? Give me any sort of direction to head before I have to rebuild my webserver?
If you need my pf.conf or any pfctl outputs etc, just suggest so, but I really don't think they affect this problem considering the symptoms and my current diagnostic steps. I don't want to go through and anonymize them if I don't have to.
Thank you in advance JR
