5th June 2009
J65nko
Administrator
 

Have you seen http://www.securityfocus.com/infocus/1859 ?

To check whether pf is blocking, use a default policy of:
Code:
 block log all
This will make blocked packets appear on the pflog0 device.
You can see these packets by using
Code:
tcpdump -eni pflog0
on a console on the VPN/firewall box.
__________________
You don't need to be a genius to debug a pf.conf firewall ruleset, you just need the guts to run tcpdump
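An added example, not part of the original post: a small filter that counts, per rule, direction, interface, source host and destination, the packets that a `block log` rule sent to pflog0. The sample lines are constructed, and the header layout (`rule N/(match) block in on IF:` on OpenBSD, `rule N/0(match): block in on IF:` on tcpdump.org builds) is an assumption about what your tcpdump prints.

```shell
#!/bin/sh
# Added example: summarise "block" entries in `tcpdump -eni pflog0` text output.
# Assumed header: "rule N/(match) block in on IF:" or "rule N/0(match): block ...".

summarize_blocked() {
    awk '
    function host(a,   m, p) {   # strip ".port" from an IPv4 addr.port
        m = split(a, p, ".")
        return (m == 5) ? p[1] "." p[2] "." p[3] "." p[4] : a
    }
    {
        for (i = 3; i + 6 <= NF; i++) {
            # Only lines logged by a block rule; logged "pass" lines are skipped.
            if ($i != "block" || $(i-2) != "rule") continue
            if ($(i+2) != "on" || $(i+5) != ">") continue
            rule = $(i-1);  sub(/\/.*/, "", rule)   # "0/(match)" -> "0"
            iface = $(i+3); sub(/:$/, "", iface)
            dst = $(i+6);   sub(/:$/, "", dst)
            count[rule " " $(i+1) " " iface " " host($(i+4)) " > " dst]++
            break
        }
    }
    END { for (k in count) print count[k], "rule", k }
    ' | LC_ALL=C sort -k1,1nr -k2
}

# Constructed sample input (documentation addresses, hypothetical interfaces).
sample_pflog_lines() {
    cat <<'EOF'
10:15:01.123456 rule 0/(match) block in on fxp0: 203.0.113.7.40112 > 192.0.2.1.500: udp 84
10:15:02.223456 rule 0/(match) block in on fxp0: 203.0.113.7.40113 > 192.0.2.1.500: udp 84
10:15:03.323456 rule 0/(match) block in on fxp0: 203.0.113.7 > 192.0.2.1: icmp: echo request
10:15:04.423456 rule 3/(match) pass in on fxp0: 198.51.100.9.50000 > 192.0.2.1.22: S 1:1(0) win 16384
10:15:05.523456 rule 0/0(match): block out on tun0: 10.8.0.1.1194 > 10.8.0.6.1194: UDP, length 64
EOF
}

# On the firewall, a bounded capture works the same way:
#   tcpdump -c 200 -eni pflog0 | summarize_blocked
sample_pflog_lines | summarize_blocked
```

The source port is dropped so that repeated attempts from one host to the same destination port collapse into a single row, which makes a blocked VPN flow stand out from background noise.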