From owner-freebsd-questions@FreeBSD.ORG  Thu Dec 13 22:03:09 2007
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id F0A8116A46B
	for <freebsd-questions@freebsd.org>;
	Thu, 13 Dec 2007 22:03:09 +0000 (UTC)
	(envelope-from erik@cepheid.org)
Received: from mail.cepheid.org (aleph.cepheid.org [72.232.60.94])
	by mx1.freebsd.org (Postfix) with ESMTP id C1B5613C4DB
	for <freebsd-questions@freebsd.org>;
	Thu, 13 Dec 2007 22:03:09 +0000 (UTC)
	(envelope-from erik@cepheid.org)
Received: by mail.cepheid.org (Postfix, from userid 1006)
	id AB5DC9B4059; Thu, 13 Dec 2007 16:03:08 -0600 (CST)
Date: Thu, 13 Dec 2007 16:03:08 -0600
From: Erik Osterholm <freebsd-lists-erik@erikosterholm.org>
To: Alaor Barroso de Carvalho Neto <alaorneto@gmail.com>
Message-ID: <20071213220308.GA78516@aleph.cepheid.org>
Mail-Followup-To: Erik Osterholm <freebsd-lists-erik@erikosterholm.org>,
	Alaor Barroso de Carvalho Neto <alaorneto@gmail.com>,
	freebsd-questions@freebsd.org
References: <2949641c0712130319p3da37aeci92987c64516dabef@mail.gmail.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <2949641c0712130319p3da37aeci92987c64516dabef@mail.gmail.com>
User-Agent: Mutt/1.4.2.3i
Cc: freebsd-questions@freebsd.org
Subject: Re: PF blocking even if set to pass all
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Thu, 13 Dec 2007 22:03:10 -0000

On Thu, Dec 13, 2007 at 09:19:03AM -0200, Alaor Barroso de Carvalho Neto wrote:
> Hi guyz, like I've said in other topic, I'm building a BSD box that'll act
> as a gateway between three private networks and the internet. I want that
> each private network can ping to each other, and I can do that till I
> activate my pf firewall. When I do pfctl -e it stop working.
> 
> The output of pfctl -sr is:
> pass in all
> pass out all
> 
> So I guess it would pass anything, why it isn't happening?
> 
> Hugs,
> Alaor

You aren't doing any encapsulation or anything else unusual, are you?
Note that unless you specificy a protocol, pass rules will only match
tcp, udp, or icmp (or the v6 equivalents, I believe.)

Erik