On Wed, Oct 22, 2003 at 08:40:24AM -0400, Daniel Corbe wrote: > Will "pass in quick on $if proto ospf all" and "pass out quick on $if proto > ospf all" work for unicast packets? (IE does pf's parsing of /etc/protocols > acctually work?)
Well, let's try $ echo "pass in quick on kue0 proto ospf all" | pfctl -nvf - pass in quick on wi0 proto ospf all That means the rule parsed correctly and will load fine (with a recent system). If packets get blocked, add 'log' to all block rules and check pflog. Show a complete hexdump (tcpdump -nvvvXr /var/log/pflog) of an OSPF packet that got blocked, add the output of pfctl -vvsr. Daniel
