Quote:
Originally Posted by jggimi
if you ever want to know if PF is blocking or passing packets, you might consider logging your block (and pass) rules with the "log" option, then monitoring pflog0 with tcpdump.
|
That's probably the best advice anyone could give for pf troubleshooting...you can see how pf "thinks" when you take the ruleset and actually test it. Once you correlate theory and practice, the rest is easy =)