Date: Fri, 4 Sep 2015 09:04:41 -0400 From: Mike Tancsa <mike@sentex.net> To: Sergey Grigorian <grigorian@theconcept.ru>, Mario Lobo <lobo@bsd.com.br> Cc: "freebsd-questions@freebsd.org" <freebsd-questions@freebsd.org> Subject: Re: 10.2-RELEASE not forwarding packets/NATing with pf Message-ID: <55E996E9.30402@sentex.net> In-Reply-To: <5C137CAA56211A448C4F58E75EFB6266C285E65E@EXCHANGE.lan.theconcept.ru> References: <5C137CAA56211A448C4F58E75EFB6266C285B582@EXCHANGE.lan.theconcept.ru> <55E84B51.7070103@sentex.net> <5C137CAA56211A448C4F58E75EFB6266C285E5CC@EXCHANGE.lan.theconcept.ru> <20150903114614.17c98a13@Papi> <5C137CAA56211A448C4F58E75EFB6266C285E65E@EXCHANGE.lan.theconcept.ru>
next in thread | previous in thread | raw e-mail | index | archive | help
On 9/4/2015 8:49 AM, Sergey Grigorian wrote: > > Mario, > I load pf as a module, so pf.ko is loaded. This box runs a stock RELEASE kernel. > What confuses me is that this setup works perfectly on 10.1, but stops working the second I boot into the 10.2-RELEASE-p2 kernel. Any possibility of mismatched userland and kernel ? I have a couple of RELENG_10 boxes doing pf and forwarding just fine. My home router is 10.2-STABLE r287218 for example. also, when its not working are you sure its an issue of forwarding not working, or potentially its something to do with just pf ? when its broken, what does net.inet.ip.forwarding show ? Can you test with the most basic of pf rules and see if its something to do with pf's rules being different ? What ethernet adapter are you using ? I see you have 'hn' in your config and I am not familiar with that. ---Mike -- ------------------- Mike Tancsa, tel +1 519 651 3400 Sentex Communications, mike@sentex.net Providing Internet services since 1994 www.sentex.net Cambridge, Ontario Canada http://www.tancsa.com/
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?55E996E9.30402>