While running pftop, or pfctl -vvs state, I see a lot of traffic from the firewall machine to itself over the internal LAN interface port. I am not sure what service would route something out a local interface to itself; it feels more like a misconfiguration. Thoughts?
George

---------

Local interface IP is 192.168.1.2

Selection from pfctl -vvs state:

lo0 tcp 192.168.1.2:33733 -> 192.168.1.2:3493       ESTABLISHED:ESTABLISHED
   [4294086078 + 16384] wscale 0  [2714128582 + 16384] wscale 0
   age 140:42:35, expires in 23:59:59, 202219:101111 pkts, 13548662:8392110 bytes, rule 6
   id: 437a9e8000000127 creatorid: b74efa82
lo0 tcp 192.168.1.2:3493 <- 192.168.1.2:33733       ESTABLISHED:ESTABLISHED
   [2714128582 + 16384] wscale 0  [4294086078 + 16384] wscale 0
   age 140:42:35, expires in 23:59:59, 202219:101111 pkts, 13548662:8392110 bytes, rule 6
   id: 437a9e8000000128 creatorid: b74efa82

Rule 6:

@6 pass quick on lo0 all keep state (if-bound)
  [ Evaluations: 140194  Packets: 612050  Bytes: 47369302  States: 2 ]
  [ Inserted: uid 0 pid 7115 ]
