Volker wrote:
On 12/23/-58 20:59, Eric wrote:
in this case, pf logging looks like this:
Why is the first host producing more detailed logs? why isnt pf showing
the port that was blocked or anything else like it does in the first
host? Is there a way to make the ng0 interface log more or is this due
to the netgraph hooks into pf?
ICMP packets do NOT have any port numbers. The example you've shown
had 3 ICMP packets being blocked.
On the other side, I'm always using `tcpdump -nettttvvi ...' (the
-vv parameters gives more output but might annoy you for SMB /
netbios traffic).
HTH,
Volker
It does. i picked some bad examples there. the issue was not having IPv6
on the second machine and as such it was using a smaller value for the
capture size (64 vs 96 I believe). Using -s 100 fixed it and things look
as expected.
Eric
_______________________________________________
freebsd-pf@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-pf
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
