If I want to forward all IP traffic verbatim to a loghost/IDS machine, would the following rules suffice?

    # forward stuff to our loghost/IDS
    pass in log on $ext_if dup-to $dmz_if all
    pass out log quick on $dmz_if all
    block in log quick on $dmz_if all

I have added this in as the first rules, before all of the block default stanzas and logging options. However, none of the traffic visible on $ext_if is visible on $dmz_if. Inbound $dmz_if seems to squelch packets fine, according to pflog0.

What have I missed here?

Marco
-> 3.2 release