> Quick question within regards to the command that you suggest I run. > > Dont mean to sound like a complete idiot, but what am I exactly looking for > here? > > I see the output, im just trying to decypher it now.
an example: # cat nat.conf nat on xl0 from 172.22.22.0/24 to any -> xl0 # cat nat.conf.bad nat on xl0 from 172.22.22.0/24 to any -> xl0 # head -n 8 nat.conf | tail -n 1 | hexdump -C 00000000 6e 61 74 20 6f 6e 20 78 6c 30 20 66 72 6f 6d 20 |nat on xl0 from | 00000010 31 37 32 2e 32 32 2e 32 32 2e 30 2f 32 34 20 74 |172.22.22.0/24 t| 00000020 6f 20 61 6e 79 20 2d 3e 20 78 6c 30 0a |o any -> xl0.| 0000002d # head -n 8 nat.conf.bad | tail -n 1 | hexdump -C 00000000 6e 61 74 20 6f 6e 20 78 6c 30 20 66 72 6f 6d 20 |nat on xl0 from | 00000010 31 37 32 2e 32 32 2e 32 32 2e 30 2f 32 34 20 74 |172.22.22.0/24 t| 00000020 6f 20 61 6e 79 20 2d 3e 20 78 6c 30 0d 0a |o any -> xl0..| 0000002e first we see that both nat.conf and nat.conf.bad look the same. then we run 'hexdump -C' so that we can also see unprintable characters. note that nat.conf shows only one '.' at the end whereas nat.conf.bad shows '..' this indicates there is an unprintable character in nat.conf.bad nd so even though cat shows them both the same, they are different. fyi, i had inserted a ^M in nat.conf.bad - which was otherwise a copy of nat.conf - by typing, in vi insert mode, ctrl-v ctrl-enter running hexdump will show you every character, including unprintable ones which may annoy 'pfctl -N' and cause it to report bad command errors. -f http://www.blackant.net/
