- Add a log statement to the block rule: block log all
- Set the loginterface to your NIC.
- Reload your ruleset.
- Run tcpdump on the pflog0 device.
Code:
# tcpdump -en -s 160 -i pflog0
- Start a web browser and watch the tcpdump window/xterm to see what you are missing.
__________________
You don't need to be a genius to debug a pf.conf firewall ruleset, you just need the guts to run tcpdump
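The tcpdump output from the last step scrolls by quickly. As an added example (not part of the original post), this Python script tallies blocked packets by direction, interface, destination and port, so the traffic that still needs a pass rule stands out. The line shape matched by the regex and the sample lines are assumptions constructed for illustration; the exact pflog output of tcpdump differs slightly between systems.

```python
import re
import sys
from collections import Counter

# Assumed line shape of `tcpdump -en -i pflog0` output:
#   <time> rule <n>/(match) block <in|out> on <if>: <src> > <dst>: ...
PFLOG_RE = re.compile(
    r"rule (?P<rule>\d+)\S*\(match\):? block (?P<dir>in|out) on (?P<iface>\S+): "
    r"(?P<src>\S+) > (?P<dst>\S+?):(?:\s|$)"
)

# Constructed sample lines (documentation addresses), not captured traffic.
SAMPLE = """\
10:15:01.100001 rule 0/(match) block out on em0: 192.168.1.10.50112 > 192.0.2.53.53: 4242+ A? www.example.org. (33)
10:15:01.600002 rule 0/(match) block out on em0: 192.168.1.10.50112 > 192.0.2.53.53: 4242+ A? www.example.org. (33)
10:15:02.000003 rule 0/(match) block out on em0: 192.168.1.10.40022 > 198.51.100.7.443: S 1:1(0) win 16384
10:15:03.000004 rule 0/(match) block in on em0: 203.0.113.9 > 192.168.1.10: icmp: echo request
"""

def split_port(endpoint):
    """Split tcpdump's 'host.port' form; the port is None for ICMP and similar."""
    host, sep, port = endpoint.rpartition(".")
    # A bare IPv4 address leaves only two dots in 'host'; bare IPv6 has no dot.
    if sep and port.isdigit() and (":" in host or host.count(".") == 3):
        return host, int(port)
    return endpoint, None

def summarize(lines):
    """Count blocked packets per (direction, interface, dst host, dst port)."""
    blocked = Counter()
    for line in lines:
        m = PFLOG_RE.search(line)
        if m is None:
            continue  # not a block entry, or an unrecognised format
        dst, dport = split_port(m["dst"])
        blocked[(m["dir"], m["iface"], dst, dport)] += 1
    return blocked

if __name__ == "__main__":
    # Read a saved capture from a file argument, or fall back to the sample.
    if len(sys.argv) > 1:
        with open(sys.argv[1]) as fh:
            lines = fh.read().splitlines()
    else:
        lines = SAMPLE.splitlines()
    for (direction, iface, dst, dport), n in summarize(lines).most_common():
        port = dport if dport is not None else "-"
        print(f"{n:4d}  block {direction:3s} on {iface}  ->  {dst} port {port}")
```
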