I'd also like to mention that this is almost a default install... with just OpenVPN, Firefox, and scrotwm on it. Also, I patched it to -stable. I don't know pf syntax, so I left it alone as it is, but I read somewhere that starting with a certain version of OpenBSD, it was enabled by default. So I think right now it allows all traffic.
In any case, it might be my lack of pf skill, but I added "block log all" to the bottom of my pf.conf (that's correct, right?) and ran OpenVPN accordingly... I tried to ping Google and also browse to Yahoo, then stopped the VPN.
I did this:
Code:
$ sudo tcpdump -eni /dev/pflog0
tcpdump: Failed to open bpf device for /dev/pflog0: Device not configured
I'm not sure how to go about inspecting packets in this way. What should I be doing?