On Tue, Sep 18, 2018 at 09:02:23PM +0000, Tim Jones wrote: > My PF is simple as follows (there is no NAT here, its fully routable) : > match in all scrub (no-df random-id) > block drop > set block-policy drop > set syncookies always > pass from <my_admin_net> to any flags S/SA modulate state (pflow) >
Can you try your setup with a default pf.conf (you can find it in /etc/examples). If this works, then try adding the rules you've got one by one to see, if and which one is causing your troubles. hth, Marc
