Hello FreeBSD pf list,
I've been using FreeBSD and ipfw for many years on my router. I recently
decided to move to pf instead of ipfw (trying to get a Chromecast to
work - need UPnP via miniupnpd which only works with pf). But I can't
get anything to work at all. I'm obviously doing something very
basically wrong.
Firstly, I'm running FreeBSD 10-stable as of a week or so ago. I do not
have ALTQ compiled in my kernel, but I don't believe that I need it. The
contents of /etc/pf.conf, and the output from dmesg, ifconfig, and pfctl
-s all are below. I've replaced IP addresses to protect the innocent.
If anybody can please help, I'd be very grateful.
Thanks,
Graham
I have packet forwarding enabled:
% sysctl net.inet.ip.forwarding net.inet6.ip6.forwarding
net.inet.ip.forwarding: 1
net.inet6.ip6.forwarding: 1
%
In /etc/rc.conf, I have:
pf_enable="YES"
pf_flags=""
pf_rules="/etc/pf.conf"
pflog_enable="YES"
pflog_logfile="/var/log/pflog"
pflog_flags=""
After booting, the following processes are running:
% ps axww|grep pf
585 - DL 0:00.14 [pf purge]
594 - Is 0:00.01 pflogd: [priv] (pflogd)
601 - S 0:00.02 pflogd: [running] -s 116 -i pflog0 -f
/var/log/pflog (pflogd)
1114 u0 S+ 0:00.00 grep pf
%
Pinging myself gives errors:
% ping XXX.2.73.1
PING XXX.2.73.1 (XXX.2.73.1): 56 data bytes
ping: sendto: Permission denied
^C
--- XXX.2.73.1 ping statistics ---
3 packets transmitted, 0 packets received, 100.0% packet loss
/etc/pf.conf:
# internal and external interfaces
int_if = "re0"
ext_if = "re1"
wap_if = "re2"
ipv6_if = "gif0"
#egress_if = $ext_if
# interface classes
#insecure_ifs = "{ $ext_if, $wap_if, $ipv6_if }"
#natted_ifs = "{ $int_if, $wap_if }"
# TCP ports we want to allow access to from insecure interfaces
tcp_services_from_insecure_ifs = "{ ssh, imaps, openvpn }"
# ping requests
icmp_types = "echoreq"
# block incoming traffic from unroutable addresses
blocked = "{ 127.0.0.0/8, 192.168.0.0/16, 172.16.0.0/12, 10.0.0.0/8,
169.254.0.0/16, 192.0.2.0/24, 0.0.0.0/8, 240.0.0.0/4,
255.255.255.255/32 }"
# options
set block-policy drop
set loginterface egress
set skip on lo0
# Scrub
scrub in all
# nat/rdr
match out on egress inet from !(egress:network) to any nat-to (egress:0)
#nat on egress from $int_if:network to any -> (egress)
#nat on egress from $wap_if:network to any -> (egress)
# for UPnP
#rdr-anchor "miniupnpd"
# filter rules
block all
# block traffic to/from private networks
block drop in quick from $blocked to any
block drop out quick from any to $blocked
# allow access to certain TCP services from insecure interfaces
pass in on $ext_if inet proto tcp from any to ($int_if) port
$tcp_services_from_insecure_ifs flags S/SA keep state
#pass in on $wap_if inet proto tcp from any to ($int_if) port
$tcp_services_from_insecure_ifs flags S/SA keep state
#pass in on $ipv6_if inet proto tcp from any to ($int_if) port
$tcp_services_from_insecure_ifs flags S/SA keep state
# allow in ping replies
pass in inet proto icmp all icmp-type $icmp_types keep state
# allow all traffic from internal network to internal interface
pass in on $int_if from $int_if:network to any keep state
pass out on $int_if from any to $int_if:network keep state
# allow all traffic out via external interface
pass out on $ext_if proto tcp all modulate state flags S/SA
pass out on $ext_if proto { udp, icmp } all keep state
# for UPnP
#anchor "miniupnpd"
pfctl -s all:
TRANSLATION RULES:
nat on egress inet from XXX.2.73.0/25 to any -> (egress) round-robin
FILTER RULES:
scrub in all fragment reassemble
block drop all
block drop in quick inet from <__automatic_523e5_0> to any
block drop out quick inet from any to <__automatic_523e5_1>
pass in on re1 inet proto tcp from any to (re0) port = ssh flags
S/SA keep state
pass in on re1 inet proto tcp from any to (re0) port = imaps flags
S/SA keep state
pass in on re1 inet proto tcp from any to (re0) port = openvpn flags
S/SA keep state
pass in inet proto icmp all icmp-type echoreq keep state
pass in on re0 inet from XXX.2.73.0/25 to any flags S/SA keep state
pass in on re0 inet6 from 2001:470:1f05:35d::/64 to any flags S/SA
keep state
pass out on re0 inet from any to XXX.2.73.0/25 flags S/SA keep state
pass out on re0 inet6 from any to 2001:470:1f05:35d::/64 flags S/SA
keep state
pass out on re1 proto tcp all flags S/SA modulate state
pass out on re1 proto udp all keep state
pass out on re1 proto icmp all keep state
STATES:
all tcp 179.60.193.3:443 <- XXX.2.73.72:18969 CLOSED:SYN_SENT
all tcp 179.60.193.3:443 <- XXX.2.73.72:27780 CLOSED:SYN_SENT
all udp XXX.2.73.1:53 <- XXX.2.73.72:19784 NO_TRAFFIC:SINGLE
all udp XXX.2.73.1:53 <- XXX.2.73.72:50987 NO_TRAFFIC:SINGLE
all udp XXX.2.73.1:53 <- XXX.2.73.72:36252 NO_TRAFFIC:SINGLE
all udp XXX.2.73.1:514 <- XXX.2.73.105:1024 NO_TRAFFIC:SINGLE
all udp XXX.2.73.1:53 <- XXX.2.73.72:49728 NO_TRAFFIC:SINGLE
all udp XXX.2.73.1:53 <- XXX.2.73.72:33288 NO_TRAFFIC:SINGLE
all udp XXX.2.73.1:53 <- XXX.2.73.72:33594 NO_TRAFFIC:SINGLE
all udp XXX.2.73.1:53 <- XXX.2.73.72:39265 NO_TRAFFIC:SINGLE
INFO:
Status: Enabled for 0 days 00:02:00 Debug: Urgent
Interface Stats for egress IPv4 IPv6
Bytes In 0 0
Bytes Out 0 0
Packets In
Passed 0 0
Blocked 0 0
Packets Out
Passed 0 0
Blocked 0 0
State Table Total Rate
current entries 10
searches 766 6.4/s
inserts 29 0.2/s
removals 19 0.2/s
Counters
match 744 6.2/s
bad-offset 0 0.0/s
fragment 0 0.0/s
short 0 0.0/s
normalize 0 0.0/s
memory 0 0.0/s
bad-timestamp 0 0.0/s
congestion 0 0.0/s
ip-option 0 0.0/s
proto-cksum 0 0.0/s
state-mismatch 0 0.0/s
state-insert 0 0.0/s
state-limit 0 0.0/s
src-limit 0 0.0/s
synproxy 0 0.0/s
TIMEOUTS:
tcp.first 120s
tcp.opening 30s
tcp.established 86400s
tcp.closing 900s
tcp.finwait 45s
tcp.closed 90s
tcp.tsdiff 30s
udp.first 60s
udp.single 30s
udp.multiple 60s
icmp.first 20s
icmp.error 10s
other.first 60s
other.single 30s
other.multiple 60s
frag 30s
interval 10s
adaptive.start 6000 states
adaptive.end 12000 states
src.track 0s
LIMITS:
states hard limit 10000
src-nodes hard limit 10000
frags hard limit 5000
table-entries hard limit 200000
TABLES:
__automatic_523e5_0
__automatic_523e5_1
OS FINGERPRINTS:
710 fingerprints loaded
dmesg:
Copyright (c) 1992-2015 The FreeBSD Project.
Copyright (c) 1979, 1980, 1983, 1986, 1988, 1989, 1991, 1992, 1993, 1994
The Regents of the University of California. All rights reserved.
FreeBSD is a registered trademark of The FreeBSD Foundation.
FreeBSD 10.1-STABLE #8 r282466: Wed May 6 23:22:44 AEST 2015
g...@maxwell.menhennitt.com.au:/usr/data/maxwell/obj/usr/data/FreeBSD/src_10-Stable/sys/maxwell
amd64
FreeBSD clang version 3.4.1 (tags/RELEASE_34/dot1-final 208032) 20140512
CPU: AMD G-T40E Processor (1000.02-MHz K8-class CPU)
Origin="AuthenticAMD" Id=0x500f20 Family=0x14 Model=0x2 Stepping=0
Features=0x178bfbff<FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CLFLUSH,MMX,FXSR,SSE,SSE2,HTT>
Features2=0x802209<SSE3,MON,SSSE3,CX16,POPCNT>
AMD Features=0x2e500800<SYSCALL,NX,MMX+,FFXSR,Page1GB,RDTSCP,LM>
AMD
Features2=0x35ff<LAHF,CMP,SVM,ExtAPIC,CR8,ABM,SSE4A,MAS,Prefetch,IBS,SKINIT,WDT>
SVM: NP,NRIP,NAsids=8
TSC: P-state invariant, performance statistics
real memory = 4815060992 (4592 MB)
avail memory = 4099497984 (3909 MB)
Event timer "LAPIC" quality 400
ACPI APIC Table: <CORE COREBOOT>
FreeBSD/SMP: Multiprocessor System Detected: 2 CPUs
FreeBSD/SMP: 1 package(s) x 2 core(s)
cpu0 (BSP): APIC ID: 0
cpu1 (AP): APIC ID: 1
ioapic0 <Version 2.1> irqs 0-23 on motherboard
random: <Software, Yarrow> initialized
acpi0: <CORE COREBOOT> on motherboard
acpi0: Power Button (fixed)
cpu0: <ACPI CPU> on acpi0
cpu1: <ACPI CPU> on acpi0
atrtc0: <AT realtime clock> port 0x70-0x71 irq 8 on acpi0
Event timer "RTC" frequency 32768 Hz quality 0
attimer0: <AT timer> port 0x40-0x43 irq 0 on acpi0
Timecounter "i8254" frequency 1193182 Hz quality 0
Event timer "i8254" frequency 1193182 Hz quality 100
hpet0: <High Precision Event Timer> iomem 0xfed00000-0xfed003ff on acpi0
Timecounter "HPET" frequency 14318180 Hz quality 950
Event timer "HPET" frequency 14318180 Hz quality 550
Event timer "HPET1" frequency 14318180 Hz quality 450
Timecounter "ACPI-fast" frequency 3579545 Hz quality 900
acpi_timer0: <32-bit timer at 3.579545MHz> port 0x808-0x80b on acpi0
pcib0: <ACPI Host-PCI bridge> port 0xcf8-0xcff on acpi0
pci0: <ACPI PCI bus> on pcib0
pcib1: <ACPI PCI-PCI bridge> irq 16 at device 4.0 on pci0
pci1: <ACPI PCI bus> on pcib1
re0: <RealTek 8168/8111 B/C/CP/D/DP/E/F/G PCIe Gigabit Ethernet>
port 0x1000-0x10ff mem 0xf7a00000-0xf7a00fff,0xf7900000-0xf7903fff
irq 16 at device 0.0 on pci1
re0: Using 1 MSI-X message
re0: ASPM disabled
re0: Chip rev. 0x2c000000
re0: MAC rev. 0x00200000
miibus0: <MII bus> on re0
rgephy0: <RTL8169S/8110S/8211 1000BASE-T media interface> PHY 1 on
miibus0
rgephy0: none, 10baseT, 10baseT-FDX, 10baseT-FDX-flow, 100baseTX,
100baseTX-FDX, 100baseTX-FDX-flow, 1000baseT, 1000baseT-master,
1000baseT-FDX, 1000baseT-FDX-master, 1000baseT-FDX-flow,
1000baseT-FDX-flow-master, auto, auto-flow
re0: Using defaults for TSO: 65518/35/2048
re0: Ethernet address: 00:0d:b9:35:c9:b0
pcib2: <ACPI PCI-PCI bridge> irq 17 at device 5.0 on pci0
pci2: <ACPI PCI bus> on pcib2
re1: <RealTek 8168/8111 B/C/CP/D/DP/E/F/G PCIe Gigabit Ethernet>
port 0x2000-0x20ff mem 0xf7c00000-0xf7c00fff,0xf7b00000-0xf7b03fff
irq 17 at device 0.0 on pci2
re1: Using 1 MSI-X message
re1: ASPM disabled
re1: Chip rev. 0x2c000000
re1: MAC rev. 0x00200000
miibus1: <MII bus> on re1
rgephy1: <RTL8169S/8110S/8211 1000BASE-T media interface> PHY 1 on
miibus1
rgephy1: none, 10baseT, 10baseT-FDX, 10baseT-FDX-flow, 100baseTX,
100baseTX-FDX, 100baseTX-FDX-flow, 1000baseT, 1000baseT-master,
1000baseT-FDX, 1000baseT-FDX-master, 1000baseT-FDX-flow,
1000baseT-FDX-flow-master, auto, auto-flow
re1: Using defaults for TSO: 65518/35/2048
re1: Ethernet address: 00:0d:b9:35:c9:b1
pcib3: <ACPI PCI-PCI bridge> irq 18 at device 6.0 on pci0
pci3: <ACPI PCI bus> on pcib3
re2: <RealTek 8168/8111 B/C/CP/D/DP/E/F/G PCIe Gigabit Ethernet>
port 0x3000-0x30ff mem 0xf7e00000-0xf7e00fff,0xf7d00000-0xf7d03fff
irq 18 at device 0.0 on pci3
re2: Using 1 MSI-X message
re2: ASPM disabled
re2: Chip rev. 0x2c000000
re2: MAC rev. 0x00200000
miibus2: <MII bus> on re2
rgephy2: <RTL8169S/8110S/8211 1000BASE-T media interface> PHY 1 on
miibus2
rgephy2: none, 10baseT, 10baseT-FDX, 10baseT-FDX-flow, 100baseTX,
100baseTX-FDX, 100baseTX-FDX-flow, 1000baseT, 1000baseT-master,
1000baseT-FDX, 1000baseT-FDX-master, 1000baseT-FDX-flow,
1000baseT-FDX-flow-master, auto, auto-flow
re2: Using defaults for TSO: 65518/35/2048
re2: Ethernet address: 00:0d:b9:35:c9:b2
ahci0: <AMD SB7x0/SB8x0/SB9x0 AHCI SATA controller> port
0x4010-0x4017,0x4020-0x4023,0x4018-0x401f,0x4024-0x4027,0x4000-0x400f mem
0xf7f04000-0xf7f043ff irq 19 at device 17.0 on pci0
ahci0: AHCI v1.20 with 6 6Gbps ports, Port Multiplier supported
ahci0: quirks=0x1b5f0<ATI_PMP_BUG,1MSI>
ahcich0: <AHCI channel> at channel 0 on ahci0
ahcich1: <AHCI channel> at channel 1 on ahci0
ahcich2: <AHCI channel> at channel 2 on ahci0
ahcich3: <AHCI channel> at channel 3 on ahci0
ahcich4: <AHCI channel> at channel 4 on ahci0
ahcich5: <AHCI channel> at channel 5 on ahci0
ohci0: <AMD SB7x0/SB8x0/SB9x0 USB controller> mem
0xf7f00000-0xf7f00fff irq 18 at device 18.0 on pci0
usbus0 on ohci0
ehci0: <AMD SB7x0/SB8x0/SB9x0 USB 2.0 controller> mem
0xf7f04400-0xf7f044ff irq 17 at device 18.2 on pci0
usbus1: EHCI version 1.0
usbus1 on ehci0
ohci1: <AMD SB7x0/SB8x0/SB9x0 USB controller> mem
0xf7f01000-0xf7f01fff irq 18 at device 19.0 on pci0
usbus2 on ohci1
ehci1: <AMD SB7x0/SB8x0/SB9x0 USB 2.0 controller> mem
0xf7f04500-0xf7f045ff irq 17 at device 19.2 on pci0
usbus3: EHCI version 1.0
usbus3 on ehci1
isab0: <PCI-ISA bridge> at device 20.3 on pci0
isa0: <ISA bus> on isab0
pcib4: <ACPI PCI-PCI bridge> at device 20.4 on pci0
pci4: <ACPI PCI bus> on pcib4
ohci2: <AMD SB7x0/SB8x0/SB9x0 USB controller> mem
0xf7f02000-0xf7f02fff irq 18 at device 20.5 on pci0
usbus4 on ohci2
pcib5: <ACPI PCI-PCI bridge> at device 21.0 on pci0
pci5: <ACPI PCI bus> on pcib5
ohci3: <AMD SB7x0/SB8x0/SB9x0 USB controller> mem
0xf7f03000-0xf7f03fff at device 22.0 on pci0
usbus5 on ohci3
ehci2: <AMD SB7x0/SB8x0/SB9x0 USB 2.0 controller> mem
0xf7f04600-0xf7f046ff at device 22.2 on pci0
usbus6: EHCI version 1.0
usbus6 on ehci2
acpi_button0: <Power Button> on acpi0
orm0: <ISA Option ROM> at iomem 0xee800-0xeffff on isa0
uart0: <16550 or compatible> at port 0x3f8-0x3ff irq 4 flags 0x10 on
isa0
uart0: console (115200,n,8,1)
uart1: <16550 or compatible> at port 0x2f8-0x2ff irq 3 on isa0
random: unblocking device.
usbus0: 12Mbps Full Speed USB v1.0
Timecounters tick every 1.000 msec
ipfw2 (+ipv6) initialized, divert loadable, nat loadable, default to
deny, logging disabled
usbus1: 480Mbps High Speed USB v2.0
usbus2: 12Mbps Full Speed USB v1.0
usbus3: 480Mbps High Speed USB v2.0
ugen0.1: <ATI> at usbus0
uhub0: <ATI OHCI root HUB, class 9/0, rev 1.00/1.00, addr 1> on usbus0
ugen1.1: <ATI> at usbus1
uhub1: <ATI EHCI root HUB, class 9/0, rev 2.00/1.00, addr 1> on usbus1
ugen2.1: <ATI> at usbus2
uhub2: <ATI OHCI root HUB, class 9/0, rev 1.00/1.00, addr 1> on usbus2
ugen3.1: <ATI> at usbus3
uhub3: <ATI EHCI root HUB, class 9/0, rev 2.00/1.00, addr 1> on usbus3
usbus4: 12Mbps Full Speed USB v1.0
usbus5: 12Mbps Full Speed USB v1.0
usbus6: 480Mbps High Speed USB v2.0
ugen4.1: <ATI> at usbus4
uhub4: <ATI OHCI root HUB, class 9/0, rev 1.00/1.00, addr 1> on usbus4
ugen5.1: <ATI> at usbus5
uhub5: <ATI OHCI root HUB, class 9/0, rev 1.00/1.00, addr 1> on usbus5
ugen6.1: <ATI> at usbus6
uhub6: <ATI EHCI root HUB, class 9/0, rev 2.00/1.00, addr 1> on usbus6
ada0 at ahcich0 bus 0 scbus0 target 0 lun 0
ada0: <SATA SSD S9FM01.9> ACS-3 ATA SATA 3.x device
ada0: Serial Number 3AF607491C0800677564
ada0: 600.000MB/s transfers (SATA 3.x, UDMA6, PIO 8192bytes)
ada0: Command Queueing enabled
ada0: 15272MB (31277232 512 byte sectors: 16H 63S/T 16383C)
ada0: Previously was known as ad4
ada1 at ahcich1 bus 0 scbus1 target 0 lun 0
ada1: <ST500LT012-1DG142 0001SDM1> ATA8-ACS SATA 3.x device
ada1: Serial Number S3PD52ZD
ada1: 600.000MB/s transfers (SATA 3.x, UDMA6, PIO 8192bytes)
ada1: Command Queueing enabled
ada1: 476940MB (976773168 512 byte sectors: 16H 63S/T 16383C)
ada1: quirks=0x1<4K>
ada1: Previously was known as ad6
uhub4: 2 ports with 2 removable, self powered
uhub0: 5 ports with 5 removable, self powered
uhub2: 5 ports with 5 removable, self powered
uhub5: 4 ports with 4 removable, self powered
SMP: AP CPU #1 Launched!
Timecounter "TSC" frequency 1000022996 Hz quality 800
Root mount waiting for: usbus6 usbus3 usbus1
Root mount waiting for: usbus6 usbus3 usbus1
uhub6: 4 ports with 4 removable, self powered
uhub3: 5 ports with 5 removable, self powered
uhub1: 5 ports with 5 removable, self powered
ugen6.2: <Generic> at usbus6
umass0: <Generic Flash Card ReaderWriter, class 0/0, rev 2.01/1.00,
addr 2> on usbus6
umass0: SCSI over Bulk-Only; quirks = 0x4001
umass0:6:0:-1: Attached to scbus6
Root mount waiting for: usbus1
da0 at umass-sim0 bus 0 scbus6 target 0 lun 0
da0: <Multiple Card Reader 1.00> Removable Direct Access SPC-2 SCSI
device
da0: Serial Number 058F63666485
da0: 40.000MB/s transfers
da0: Attempt to query device size failed: NOT READY, Medium not present
da0: quirks=0x2<NO_6_BYTE>
ugen1.2: <vendor 0x1a40> at usbus1
uhub7: <vendor 0x1a40 USB 2.0 Hub MTT, class 9/0, rev 2.00/1.00,
addr 2> on usbus1
uhub7: MTT enabled
uhub7: 4 ports with 4 removable, self powered
Root mount waiting for: usbus1
Root mount waiting for: usbus1
ugen1.3: <vendor 0x05e3> at usbus1
umass1: <vendor 0x05e3 USB Storage, class 0/0, rev 2.00/96.02, addr
3> on usbus1
umass1: SCSI over Bulk-Only; quirks = 0xc000
umass1:7:1:-1: Attached to scbus7
da1 at umass-sim1 bus 1 scbus7 target 0 lun 0
da1: <Generic STORAGE DEVICE 9602> Removable Direct Access SCSI device
da1: Serial Number 000000009602
da1: 40.000MB/s transfers
da1: Attempt to query device size failed: NOT READY, Medium not present
da1: quirks=0x3<NO_SYNC_CACHE,NO_6_BYTE>
da2 at umass-sim1 bus 1 scbus7 target 0 lun 1
da2: <Generic STORAGE DEVICE 9602> Removable Direct Access SCSI device
da2: Serial Number 000000009602
da2: 40.000MB/s transfers
da2: Attempt to query device size failed: NOT READY, Medium not present
da2: quirks=0x3<NO_SYNC_CACHE,NO_6_BYTE>
da3 at umass-sim1 bus 1 scbus7 target 0 lun 2
da3: <Generic STORAGE DEVICE 9602> Removable Direct Access SCSI device
da3: Serial Number 000000009602
da3: 40.000MB/s transfers
da3: Attempt to query device size failed: NOT READY, Medium not present
da3: quirks=0x3<NO_SYNC_CACHE,NO_6_BYTE>
da4 at umass-sim1 bus 1 scbus7 target 0 lun 3
da4: <Generic STORAGE DEVICE 9602> Removable Direct Access SCSI device
da4: Serial Number 000000009602
da4: 40.000MB/s transfers
da4: Attempt to query device size failed: NOT READY, Medium not present
da4: quirks=0x3<NO_SYNC_CACHE,NO_6_BYTE>
ugen1.4: <vendor 0x1a40> at usbus1
uhub8: <vendor 0x1a40 USB 2.0 Hub MTT, class 9/0, rev 2.00/1.00,
addr 4> on usbus1
uhub8: MTT enabled
Root mount waiting for: usbus1
uhub8: 4 ports with 4 removable, self powered
Trying to mount root from ufs:/dev/ada0p2 [rw,noatime]...
NLM: failed to contact remote rpcbind, stat = 3, port = 28416
NLM: failed to contact remote rpcbind, stat = 3, port = 28416
Can't start NLM - unable to contact NSM
ifconfig:
re0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu
1500
options=8209b<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM,WOL_MAGIC,LINKSTATE>
ether 00:0d:b9:35:c9:b0
inet6 YYYYYYYYYYYYYY%re0 prefixlen 64 scopeid 0x1
inet XXX.2.73.1 netmask 0xffffff80 broadcast XXX.2.73.127
inet6 YYYYYYYYYYYYYY::1 prefixlen 64
nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
media: Ethernet autoselect (1000baseT <full-duplex>)
status: active
re1: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu
1500
options=8209b<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM,WOL_MAGIC,LINKSTATE>
ether 00:0d:b9:35:c9:b1
inet6 YYYYYYYYY%re1 prefixlen 64 scopeid 0x2
inet YYY.YYY.YYY.YYY netmask 0xfffff000 broadcast
YYY.YYY.YYY.255
nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
media: Ethernet autoselect (100baseTX <full-duplex>)
status: active
re2: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu
1500
options=8209b<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM,WOL_MAGIC,LINKSTATE>
ether 00:0d:b9:35:c9:b2
inet XXX.2.73.129 netmask 0xffffff80 broadcast XXX.2.73.255
inet6 YYYYYYYYYYY%re2 prefixlen 64 scopeid 0x3
nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
media: Ethernet autoselect (100baseTX <full-duplex>)
status: active
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> metric 0 mtu 16384
options=600003<RXCSUM,TXCSUM,RXCSUM_IPV6,TXCSUM_IPV6>
inet6 ::1 prefixlen 128
inet6 YYYYYYYYY%lo0 prefixlen 64 scopeid 0x4
inet 127.0.0.1 netmask 0xff000000
nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
_______________________________________________
freebsd-pf@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-pf
To unsubscribe, send any mail to "freebsd-pf-unsubscr...@freebsd.org"
