Link wrote:
Thanks for your reply. Tried rules you`ve listed. Does not help.... I`ve checked with tcpdump packets are still going out using default route.
hmm. it sounds like packets aren't matching the rules. at this point all I can suggest is adding an explicit "pass log all" as the first rule in your config, and then testing either your ruleset or my ruleset by adding "log" to all of the rules and check that packets are matching appropriately. for much more detail you can change "log" to "log (all)" to capture _every_ packet, not just the ones that create state. be careful though. running full logging will consume lots of disk if used in production rather than just while debugging. tom _______________________________________________ freebsd-pf@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-pf To unsubscribe, send any mail to "freebsd-pf-unsubscr...@freebsd.org"
