On 2/27/07, Gustavo Rios <[EMAIL PROTECTED]> wrote:
Could you send your pf.conf entirely?
On 2/27/07, Frans Haarman <[EMAIL PROTECTED]> wrote:
> # tcpdump -e -ttt -n -i pflog0
> tcpdump: WARNING: pflog0: no IPv4 address assigned
> tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
> listening on pflog0, link-type PFLOG (OpenBSD pflog file), capture size 96 bytes
> 000000 rule 4294967295/unkn(8): pass in on bge0: 172.16.10.89 >
> 224.0.0.22: igmp v3 report, 1 group record(s)
> 001063 rule 4294967295/unkn(8): pass in on bge0: 172.16.10.89 >
> 224.0.0.22: igmp v3 report, 1 group record(s)
> 875640 rule 4294967295/unkn(8): pass in on bge0: 172.16.10.89 >
> 224.0.0.22: igmp v3 report, 1 group record(s)
>
> I don't remember setting any log options in PF! But this is what I
> get.... Am I supposed to see this or is my setup broken? ;)
>
>
rdr-anchor bge0-rdr
nat-anchor bge0-nat
#rdr on bge0 from any to 10.110.1.1 tag tun0 -> 192.168.1.1
#nat on tun0 inet from any to 192.168.1.1 -> tun0
#pass in log on bge0 route-to tun0 tagged tun0 keep state
anchor bge0-rules
This happened when playing with anchors. It seems to me the anchors did
not get flushed when I restarted PF! I am now thinking an old anchor
rule was responsible for this behaviour.
I do not understand however how this whole anchor stuff works,
investigating a bit further:
DEVEL# pfctl -a bge0-rdr -s nat
rdr on bge0 inet from any to 10.110.1.1 tag tun1 -> 192.168.1.1
DEVEL# pfctl -a all -F nat
nat cleared
DEVEL# pfctl -a bge0-rdr -s nat
rdr on bge0 inet from any to 10.110.1.1 tag tun1 -> 192.168.1.1
DEVEL# pfctl -F nat
nat cleared
DEVEL# pfctl -a bge0-rdr -s nat
rdr on bge0 inet from any to 10.110.1.1 tag tun1 -> 192.168.1.1
It would be nice to know how I flush all Anchors! I am using the PF
which comes with FreeBSD-6.1-RELEASE. I will try to test it on
OpenBSD when I can. Don't know if there have been any changes to
pf & anchors!
Gr. FH
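
Added example, not part of the original message: in the session above, `pfctl -F nat` leaves the rule inside `bge0-rdr` in place, so one way to clear every anchor is to name each one with `-a`. The function name `anchor_flush_cmds`, the allowed-character check and the sample list (built from the anchor names in the pf.conf above) are assumptions of this sketch, as is the input format of one indented anchor path per line from `pfctl -v -s Anchors`.

```shell
#!/bin/sh
# Added example (not from the thread). Dry run: prints the flush commands,
# one pair per anchor, so they can be reviewed before being executed.

# Read anchor names on stdin (assumed format: one anchor path per line,
# possibly indented) and print the matching per-anchor flush commands.
anchor_flush_cmds() {
    while IFS= read -r line; do
        # Trim the indentation and any trailing whitespace.
        name=$(printf '%s\n' "$line" | sed 's/^[[:space:]]*//; s/[[:space:]]*$//')
        [ -n "$name" ] || continue
        # Assumption: only accept a conservative character set, so a strange
        # name can never turn into extra shell syntax when the output is run.
        case $name in
            *[!A-Za-z0-9_./-]*)
                echo "skipping unexpected anchor name: $name" >&2
                continue
                ;;
        esac
        # Translation rules (nat/rdr/binat) live in the nat ruleset,
        # filter rules in the rules ruleset; flush both in this anchor.
        printf "pfctl -a '%s' -F nat\n" "$name"
        printf "pfctl -a '%s' -F rules\n" "$name"
    done
}

# Constructed sample input: the three anchors declared in the pf.conf above.
SAMPLE='  bge0-nat
  bge0-rdr
  bge0-rules'

printf '%s\n' "$SAMPLE" | anchor_flush_cmds

# On a live system, review the output first, then apply it:
#   pfctl -v -s Anchors | anchor_flush_cmds        # review
#   pfctl -v -s Anchors | anchor_flush_cmds | sh   # apply
# Afterwards `pfctl -a bge0-rdr -s nat` should print nothing.
```
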