Dave Cottlehuber wrote:
> TLDR add log to the rules, then start pflog,use wireshark or tcpdump
> on the pflog interface and you can see exactly which rule is applied
> to that packet.

It's not that the wrong rules are being applied, there are 2-3 rules in
total in the whole lab, they are easy to monitor with rule counters.

It's the state being created from the rules that confuses me. And the
state if visible in "pfctl -s states".

The problem is that either I'm confused about how pf state works, or the
documentation is misleading/incomplete.


-- 
Victor Sudakov,  VAS4-RIPE, VAS47-RIPN
2:5005/49@fidonet http://vas.tomsk.ru/

Attachment: signature.asc
Description: PGP signature

Reply via email to