View Single Post
  #6   (View Single Post)  
Old 25th March 2011
J65nko J65nko is offline
Administrator
 
Join Date: May 2008
Location: Budel - the Netherlands
Posts: 4,128
Default

  • Add a log statement to the block rule: block log all
  • Set the loginterface to your NIC.
  • Reload your ruleset
  • Run tcpdump on the pflog0 device.
    Code:
    # tcpdump -en -s 160 - i pflog0
  • Start a web browser and watch the tcpdump window/xterm to see what you are missing.
__________________
You don't need to be a genius to debug a pf.conf firewall ruleset, you just need the guts to run tcpdump
Reply With Quote