Thread: OpenBSD CARP/PF
View Single Post
Old 7th November 2011
J65nko J65nko is offline
Join Date: May 2008
Location: Budel - the Netherlands
Posts: 3,506

You also can watch the carp traffic with tcpdump. I don't have carp running so I do not know whether it shows sufficient details to diagnose your issue.

From the tcpdump man page:
 ip proto proto     True if the packet is an IP packet (see ip(4)) of
                        protocol type proto.  proto can be a number or name
                        from protocols(5), such as icmp, udp, or tcp.  These
                        identifiers are also keywords and must be escaped
                        using a backslash character (`\').
$ grep carp /etc/protocols
carp    112     CARP    vrrp    # Common Address Redundancy Protocol
A syntax test on my non-carp re0 interface:
$ tcpdump -vveni re0  ip proto 112
tcpdump: listening on re0, link-type EN10MB
You don't need to be a genius to debug a pf.conf firewall ruleset, you just need the guts to run tcpdump
Reply With Quote