Date: Tue, 3 Dec 2019 16:15:12 +0700 From: Victor Sudakov <vas@sibptus.ru> To: freebsd-pf@freebsd.org Subject: Re: pf's states Message-ID: <20191203091512.GD40372@admin.sibptus.ru> In-Reply-To: <bf32ec63-0d03-43a6-a833-903fc3509e33@www.fastmail.com> References: <20191202025642.GA99174@admin.sibptus.ru> <7a5b77d9-29d2-4fb4-b82c-3e6a194baf6e@tuxpowered.net> <20191202152543.GA16128@admin.sibptus.ru> <c17233fd-e9df-81cc-e015-89f4d5715273@pp.dyndns.biz> <20191203070555.GA38510@admin.sibptus.ru> <bf32ec63-0d03-43a6-a833-903fc3509e33@www.fastmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
--tNQTSEo8WG/FKZ8E Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable Dave Cottlehuber wrote: > TLDR add log to the rules, then start pflog,use wireshark or tcpdump > on the pflog interface and you can see exactly which rule is applied > to that packet. It's not that the wrong rules are being applied, there are 2-3 rules in total in the whole lab, they are easy to monitor with rule counters. It's the state being created from the rules that confuses me. And the state if visible in "pfctl -s states". The problem is that either I'm confused about how pf state works, or the documentation is misleading/incomplete. --=20 Victor Sudakov, VAS4-RIPE, VAS47-RIPN 2:5005/49@fidonet http://vas.tomsk.ru/ --tNQTSEo8WG/FKZ8E Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQEcBAEBAgAGBQJd5iegAAoJEA2k8lmbXsY0wMYH/RSRrC4Dj+EOa/DVE+hTSANT v85+tmHQ+p0MX40NctAHKHXrg2EbC06cCts880xmnO5v2CF0wkw6frWstf8iOGP7 XgZXtWkjXBOeKWISNHLFCW2S7JSvnNAH9EuaGYgLNu1D9KTkBgX+VL+8EL+EBFna TG68w4rexuSf+r4Ufj+X1fMMiyOeKGMwCcImNyABUoVikIn4KhpCKAWvqsu26zZw zykbtOeDltM04WEN/t1usC9QMeWYm0JftgtNSZ3VcJq52vrwFL0jVmwPOXzZBA51 nF6ZPTxEh5MtWf9Qy8djsDtVDb4UoPfCl7DmUgSqTOcFhvVuhJZxED+DEJPUmgI= =7Wed -----END PGP SIGNATURE----- --tNQTSEo8WG/FKZ8E--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20191203091512.GD40372>