On Sat, May 14, 2005 at 03:48:51PM +0100, Stephen Marley wrote: > In a nutshell, with a pf.conf file containing only the word "pass", when > pf is enabled, my router can't forward DNS replies from the gre/ipsec > tunnel to the originating interface, yet it works fine after pfctl -d.
What do you see in pflog0 when /etc/pf.conf contains the two words: "pass log"?
