On Mon, 2002-12-16 at 19:50, Shawn Mitchell wrote: > Dosn't matter what IP address on any interface you ping. All comes back > with the same thing. > > I turned on logging to see what wasn't making and such. I'm seeing DNS > requests getting blocked... > > Routing is not an issue. The packets (ICMP, et al) are getting blocked. > > I do a pfctl -f /etc/pf.conf -e and I can't ping anything... I do a > pfctl -d to turn it off... and everything goes back to working just fine.
Sure sounds to me like you're blocking traffic to/from your gateway. I assume you've studied your logs? All of your block rules appear to be logging, so I'm not sure why we haven't seen any mention of what might be (or might not be) appearing in your log. Run "tcpdump -nettti pflog0" as you run your ping tests. That will tell you which rule is causing your headache. Then run "pfctl -s rules | grep <rule #>" to find out which one it is. Honestly, your ruleset is giving *me* headaches just looking at it. Your background with Linux (that's not a rip; hell, I'm an rhce) certainly shows. Try to avoid the default behavior towards quick unless you're really sure that's what you want. You don't need to worry about performance... skip steps really avoids the extra processing overhead. -J.
