If you can reliably reproduce the problem with en.wikipedia.org, I suggest the following:
On the firewall

1) enable verbose logging with pfctl -xm
2) save the output of pfctl -si and netstat -s
3) run the following three tcpdumps in parallel, and save the output:

   tcpdump -s 1600 -nvvvpSi xl0 'host 91.198.174.225'
   tcpdump -s 1600 -nvvvpSi re0 'host 91.198.174.225'
   tcpdump -s 1600 -nvvveeepi pflog0

On a client

4) printf "GET /wiki/Main_Page HTTP/1.1\r\nHost: en.wikipedia.org\r\n\r\n" | nc -v 91.198.174.225 80 | wc -c
5) this should hang until some timeout occurs; you need only wait 10s.

Back on the firewall

6) re-run pfctl -si and netstat -s (again saving the output)
7) stop the tcpdumps
8) check /var/log/messages for anything from pf

Then post the outputs :)

Daniel
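
Added example, not part of the message above: an sh function that compares the pfctl -si output saved in step 2 with the one saved in step 6 and prints only the counters whose totals changed during the test. The function names, file names and sample counter values are constructed for illustration, and it assumes the output has no loginterface section (whose row names repeat).

```shell
#!/bin/sh
# pf_counter_delta BEFORE AFTER
# BEFORE/AFTER are saved `pfctl -si` outputs. Prints "name +delta" for every
# row whose Total column differs between the two files.
pf_counter_delta() {
    awk '
        # Rows look like: "  state-mismatch   3   0.0/s". The name may be
        # two words ("current entries"), so take the first all-digit field
        # as the total and everything before it as the name.
        function parse(   i, n, name) {
            total = ""; name = ""
            for (i = 1; i <= NF; i++) if ($i ~ /^[0-9]+$/) { n = i; total = $i; break }
            if (total == "") return ""
            for (i = 1; i < n; i++) name = name (i > 1 ? " " : "") $i
            return name
        }
        /^[ \t]/ {                      # only indented rows carry counters
            key = parse()
            if (key == "") next
            if (FNR == NR) before[key] = total          # first file
            else if (key in before && total != before[key])
                printf "%s %+d\n", key, total - before[key]
        }
    ' "$1" "$2"
}

# Constructed sample: trimmed `pfctl -si` output before and after the test.
pf_counter_delta_demo() {
    tmp=$(mktemp -d) || return 1
    cat > "$tmp/before" <<'EOF'
Status: Enabled for 0 days 00:12:34           Debug: Misc

State Table                          Total             Rate
  current entries                       12
  searches                            1234            1.6/s
  inserts                               56            0.1/s
Counters
  match                                 60            0.1/s
  state-mismatch                         3            0.0/s
  short                                  0            0.0/s
EOF
    # "after" differs only in two totals.
    sed -e 's/searches  *1234/searches 1290/' \
        -e 's/state-mismatch  *3/state-mismatch 9/' "$tmp/before" > "$tmp/after"
    pf_counter_delta "$tmp/before" "$tmp/after"
    rm -rf "$tmp"
}

pf_counter_delta_demo
```

With real captures, call it as pf_counter_delta on the two files saved in steps 2 and 6.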