Dave Cottlehuber wrote:
> TLDR add log to the rules, then start pflog, use wireshark or tcpdump
> on the pflog interface and you can see exactly which rule is applied
> to that packet.

It's not that the wrong rules are being applied, there are 2-3 rules in total in the whole lab, they are easy to monitor with rule counters. It's the state being created from the rules that confuses me. And the state is visible in "pfctl -s states". The problem is that either I'm confused about how pf state works, or the documentation is misleading/incomplete.

-- 
Victor Sudakov, VAS4-RIPE, VAS47-RIPN
2:5005/49@fidonet http://vas.tomsk.ru/