Hello, again.
All I can see that jumps out at me is your second pass/rdr-to rule uses a different matching address. As with your last thread, I have limited information, so I wonder if $sync_pub_ip is a valid listening address.
I would also run tcpdump with em2, because if packets are flowing to $netfs on em2, the problem is external to your router.