Thanks for the answers and sorry for the delay. I needed some sleep.
First I tried
but without any change. Both clients (the iPhone, the Apple notebook) are disconnecting after about a minute.
Then I tried your minimalistic firewall configuration, but without a change. However, I'm using tcpdump -n -e -ttt -i pflog0 for parsing the firewall rules. First I suspected that anti-spoof was still turned on, but I turned that one off and still no change. What I discovered is that now all incoming traffic from my clients to 224.0.0.0/8 is also passed through the firewall to the outside, and also these strange IGMP packets that are being logged from a rule that shouldn't log at all (pass in quick on rum0 inet from (rum0:network:*) to any flags S/SA keep state).
Could it also be possible that I have set up some strange timeouts via sysctl or in the pf.conf that could cause this behaviour? This is what I had earlier in my pf.conf. No changes in my sysctl.conf.
Code:
set timeout interval 10
set timeout frag 20
set timeout src.track 5
set timeout { tcp.first 30, tcp.closing 10, tcp.closed 10, tcp.finwait 10 tcp.established 86400 }
set timeout { udp.first 10, udp.single 10, udp.multiple 10 }
I also enabled multicast routing in my sysctl but without any change (obviously):
Code:
sysctl net.inet.ip.mforwarding=1
sysctl net.inet.ip.multipath=1
So. Maybe wrong routes are the problem here? My internal ethernet network has a 10.x.x.x subnet. So there should be no conflicts at all.
Code:
# route -n show | grep rum0
192.168.2/24 link#7 UC 1 0 - 4 rum0
192.168.2.99 00:33:36:3f:dc:b2 UHLc 0 501 - 4 rum0
fe80::%rum0/64 link#7 UC 0 0 - 4 rum0
fe80::33e6:baff:fef0:a0f%rum0 33:33:33:f0:0a:0f UHL 0 0 - 4 lo0
ff01::%rum0/32 link#7 UC 0 0 - 4 rum0
ff02::%rum0/32 link#7 UC 0 0 - 4 rum0