23rd November 2015
jggimi

Hello, and welcome!

The fragment of pf.conf shared here doesn't indicate any obvious problem source. So I'll reply only generally. If the traffic is being blocked, it's probably either not matching the rule, or ... never reached the rule, having matched a prior quick rule.

PF diagnostics is actually pretty easy. Add the log option to all your pass and block rules, then use tcpdump(8) with your pflog(4) device. You'll be able to see what rule is passing/blocking the traffic of interest.

(For those who use more modern PF variants, adding logging to all pass/block rules can be done with a single match rule.)

Last edited by jggimi; 23rd November 2015 at 03:32 PM. Reason: typo
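The diagnostic described in the post above, as an added example that is not part of the original post: a shell function that tallies tcpdump output from the pflog device per rule number, so the rule deciding the traffic of interest stands out. The function names, the interface names (pflog0, em0, em1) and the sample log lines are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the post). Assumes pass/block rules carry "log", e.g.
#   block log all
#   pass in log on em0 proto tcp to port 22
# Live use on the firewall (assumes the default pflog0 interface):
#   tcpdump -n -e -ttt -i pflog0 | pflog_rule_summary
# Rule numbers correspond to the @N prefixes printed by: pfctl -vvsr

pflog_rule_summary() {
    # Reads "tcpdump -e" output on stdin. Each logged packet has a header like
    #   rule 3/(match) block in on em0: ...
    # Prints "count rule action direction interface", busiest first.
    awk '
    {
        for (i = 1; i + 5 <= NF; i++) {
            if ($i == "rule" && index($(i+1), "/(") > 0 && $(i+4) == "on") {
                split($(i+1), part, "/")      # "3/(match)" -> "3"
                iface = $(i+5)
                sub(/:$/, "", iface)          # "em0:" -> "em0"
                n[part[1] " " $(i+2) " " $(i+3) " " iface]++
                break
            }
        }
        # Lines without a rule header (banners, hex dumps) are skipped.
    }
    END { for (k in n) print n[k], k }
    ' | sort -k1,1nr -k2,2n
}

# Constructed sample of pflog output, so the function can be tried offline.
sample_pflog_lines() {
cat <<'EOF'
tcpdump: listening on pflog0, link-type PFLOG
Nov 23 15:30:01.100001 rule 0/(match) block in on em0: 192.0.2.10.51234 > 198.51.100.5.22: S 1:1(0) win 16384
Nov 23 15:30:02.200002 rule 4/(match) pass in on em0: 192.0.2.11.40000 > 198.51.100.5.80: S 2:2(0) win 16384
Nov 23 15:30:03.300003 rule 0/(match) block in on em0: 192.0.2.10.51235 > 198.51.100.5.22: S 3:3(0) win 16384
Nov 23 15:30:04.400004 rule 7/(match) pass out on em1: 198.51.100.5.123 > 203.0.113.9.123: v4 client
EOF
}

sample_pflog_lines | pflog_rule_summary
```

A block line attributed to a low rule number while the intended pass rule sits further down the ruleset points at the two causes named in the post: the pass rule never matched, or an earlier quick rule ended evaluation first.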