Date: Fri, 22 Jan 2010 02:34:38 -0800
From: Doug Hardie <bc979@lafn.org>
To: Erik Norgaard <norgaard@locolomo.org>
Cc: freebsd-questions - <freebsd-questions@freebsd.org>
Subject: Re: pf rules
Message-ID: <772FAD6A-C534-4217-9AA7-274561879E86@lafn.org>
In-Reply-To: <4B5973AD.8070603@locolomo.org>
References: <4B594FC0.3010200@el.net> <4B5973AD.8070603@locolomo.org>

On 22 January 2010, at 01:45, Erik Norgaard wrote:

> To debug pf rules:
>
> - always add direction to the rule, pass or block, add interface to all
>   rules except default policy, keep state on all pass rules
> - group your rules per direction, then per interface
> - add log to all rules and watch pflog to see which rule blocks or
>   passes traffic.
> - use keyword quick for any decisive rule
> - check the parsing of your ruleset, pfctl -sr
>
> then come back and ask for help.

Where do you find the rule information in the pflog output from tcpdump?
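
An added example, not part of the original message: a small parser that pulls the matching rule number, action, direction and interface out of pflog lines and counts hits per rule. It assumes the lines were captured with `tcpdump -n -e -ttt -i pflog0` (the `-e` flag prints the pflog header) and that the rule numbers are the ones `pfctl -vvsr` lists with an `@` prefix; the sample lines, addresses and rule numbers are constructed.

```python
import re
from collections import Counter

# Constructed sample lines in the format printed by
# `tcpdump -n -e -ttt -i pflog0` (documentation addresses, made-up rule numbers).
SAMPLE = """\
00:00:00.000000 rule 0/0(match): block in on em0: 203.0.113.7.51514 > 192.0.2.10.23: Flags [S], seq 1, win 65535, length 0
00:00:01.204511 rule 4/0(match): pass in on em0: 198.51.100.20.40122 > 192.0.2.10.22: Flags [S], seq 9, win 65535, length 0
00:00:00.310002 rule 0/0(match): block in on em0: 203.0.113.7.51515 > 192.0.2.10.445: Flags [S], seq 3, win 65535, length 0
00:00:02.000120 rule 7/0(match): pass out on em1: 192.0.2.10.53011 > 198.51.100.53.53: 4660+ A? example.org. (29)
"""

# With -e, tcpdump prints the pflog header before the packet itself:
#   rule <nr>[.<anchor>.<subnr>]/<reason>: <action> <dir> on <ifname>: <packet>
PFLOG_RE = re.compile(
    r"rule (?P<rule>\d+)(?:\.(?P<anchor>[^/]*)\.(?P<subrule>\d+))?/"
    r"(?P<reason>\d+\([^)]+\)): "
    r"(?P<action>\S+) (?P<dir>\S+) on (?P<ifname>[^:\s]+): "
    r"(?P<packet>.*)"
)

def parse_line(line):
    """Return the pflog header fields of one tcpdump line, or None if absent."""
    m = PFLOG_RE.search(line)
    if m is None:
        return None
    rec = m.groupdict()
    rec["rule"] = int(rec["rule"])  # compare with the @N numbers from pfctl -vvsr
    return rec

def summarize(text):
    """Count logged packets per (rule, action, direction, interface)."""
    hits = Counter()
    for line in text.splitlines():
        rec = parse_line(line)
        if rec:
            hits[(rec["rule"], rec["action"], rec["dir"], rec["ifname"])] += 1
    return hits

if __name__ == "__main__":
    for (rule, action, direction, ifname), n in sorted(summarize(SAMPLE).items()):
        print(f"rule {rule:>3}  {action:<5} {direction:<3} on {ifname:<4} {n} packet(s)")
```

Lines captured without `-e` carry no `rule` field and are skipped by `parse_line`.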