View Single Post
Old 14th April 2011
J65nko J65nko is offline
Administrator
 
Join Date: May 2008
Location: Budel - the Netherlands
Posts: 4,128
Default

So the problem is that the rules for the outbound traffic on the internal interface never get evaluated, and thus cannot queue the traffic.

Change these rules to use "match" instead of "pass". Then check the pfctl -vvs rules output whether these 'match' rules are being evaluated.
__________________
You don't need to be a genius to debug a pf.conf firewall ruleset, you just need the guts to run tcpdump
Reply With Quote