25th May 2010
fbroce
OpenBSD 4.7 pf and traceroute

I have 4.7 running as a home cable router on two boxes (one is a spare). I have the new pf format working with the exception of mtr or traceroute.

I can get mtr to work; however, it just shows the first and last hop. I think the problem is related to the scrub statement:

match log on $ext_if all scrub (random-id min-ttl 254 set-tos lowdelay reassemble tcp max-mss 1472 )

shows only the destination:

traceroute to daemonforums.org (, 64 hops max, 40 byte packets
1 daemonforums.org ( 136.681 ms 138.460 ms 136.798 ms

If I use a simple
match out all scrub (no-df)

traceroute works on the router box only and gives ??? on other connected boxes.

Any ideas?
Content copyright © 2007-2010, the authors