Skip site navigation (1)Skip section navigation (2) 
Date:      Thu, 21 Jan 2016 01:53:16 +0000
From:      bugzilla-noreply@freebsd.org
To:        freebsd-usb@FreeBSD.org
Subject:   [Bug 206143] DLINK DUB-E100 revision C1 can't reach destination
Message-ID:  <bug-206143-17-urFngsMOdR@https.bugs.freebsd.org/bugzilla/>
In-Reply-To: <bug-206143-17@https.bugs.freebsd.org/bugzilla/>
References:  <bug-206143-17@https.bugs.freebsd.org/bugzilla/>
next in thread | previous in thread | raw e-mail | index | archive | help 
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D206143

--- Comment #26 from Anatoly <anatoly@kazanfieldhockey.ru> ---
I see no problem with rules, but they are referring to two address tables t=
hat
is used as "blacklists": snort2c and webConfiguratorlockout. Can you show me
content of those tables (while ue0 as lan):
#pfctl -t snort2c -T show
#pfctl -t webConfiguratorlockout -T show
And your nat/redirect rules also:
#pfctl -s nat

The other situation I can think of is if ue0 disappears from the system (for
some USB related matters) after pf rules was loaded. And when it appears ba=
ck,
pf may have troubles to handle it (although it must). Can you check output =
of
#dmesg or /var/log/messages to see if some USB disconnects of ue0 occurs?
Anyway, in such a situations clearing firewall state and reloading rules ag=
ain
may help. You may try:
Just for sure
#pfctl -d
Test.
#pfctl -e
Clear pf state tables:
#pfctl -F state
Test.
Clear pf address tables (your blacklists e.t.c.)
#pfctl -F Tables
Test.
Now you need pf config (rules) file to reload. Simplest is to dump existing
rules:
#pfctl -s rules > aa
(it's like previously created 'a', but without anchors information. You may
also use 'a' but it needs to remove by hand all "anchor "*" all { }") Check
that file isn't empty. This file will not contain nat/redirects, but enough=
 for
test.
Or, in FreeBSD default location for pf config that is applied at boot is
/etc/pf.conf. You may examine that file to see if it contain similar rules =
and
have right modification date.
Clear everything:
#pfctl -F all
Load rules back:
#pfctl -f aa
See if no errors occurs. Test.

--=20
You are receiving this mail because:
You are the assignee for the bug.=

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-206143-17-urFngsMOdR>