jggimi, 7th July 2014

It's late in my day and I am not about to manually review your rules. Instead, I'm going to assume that your issues are caused by operator error.

Load your base ruleset as you always would, with

# pfctl -f /path/to/file

Test your rules and make sure they work. Any errors or faults must be corrected. You are not doing this.

You do not load the anchor rules with pfctl. These are loaded and unloaded at the anchor point in your base ruleset by the authpf shell. If you have been issuing pfctl commands in an attempt to manage authpf, stop. The only pfctl commands you will need other than the load command above are to inspect the loaded rules:

Base ruleset:

# pfctl -sr

Anchor ruleset. Empty when unloaded and inactive:

# pfctl -sr -a 'authpf/*'

Last edited by jggimi; 7th July 2014 at 12:12 PM. Reason: clarity, typo - I should never reply to these threads with a phone.
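Added example, not part of jggimi's post and not the original poster's rules: a minimal base ruleset with the authpf anchor point, next to the per-session rules file that the authpf shell loads at that point. The interface name em1, the ports and the overall policy are assumptions made for illustration.

```conf
# ---- /etc/pf.conf : base ruleset, the only file loaded with "pfctl -f" ----
int_if = "em1"                  # assumed name of the interface users arrive on

set skip on lo
block all                       # default deny: nothing passes until a rule allows it

# Users must be able to reach sshd before authpf can run for them.
pass in on $int_if proto tcp from any to ($int_if) port ssh

# Anchor point. It holds no rules of its own; authpf attaches a child
# anchor named user(pid) here at login and removes it at logout.
anchor "authpf/*"

# ---- /etc/authpf/authpf.rules : loaded by the authpf shell, never by pfctl ----
# Macros from pf.conf are not visible in this file, so they are repeated here.
# $user_ip (and $user_id) are supplied by authpf for each session.
int_if = "em1"
pass in quick on $int_if proto tcp from $user_ip to any port { 80 443 }

# /etc/authpf/authpf.conf must also exist (it may be empty), otherwise
# authpf exits immediately.
```

With this pair in place, "pfctl -sr" shows the base rules including the anchor line, and "pfctl -sr -a 'authpf/*'" shows nothing until a user has an authpf session open.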