View Single Post
  #2   (View Single Post)  
Old 8th July 2009
robbak's Avatar
robbak robbak is offline
Real Name: Robert Backhaus
VPN Cryptographer
Join Date: May 2008
Location: North Queensland, Australia
Posts: 366

firstly, log all your drops, and check the logs to see if you are dropping the packets.

I'm not sure if "rdr pass' is valid - it probably is, mind you, it's just that I don't know - but the pass will be immediately overridden by the following 'block drop all'. It just depends on whether the pass in quick $server... line is right. You haven't put a 'keep state' line there, but I think pf assumes keep state now.

Anyway, if those mutterings don't help you, add 'log' to your block lines, check the log (there's an example of how to check them in the 'pflog' man page), and post back with your findings.
The only dumb question is a question not asked.
The only dumb answer is an answer not given.
Reply With Quote