Hi! I have PF rules redirecting packets to an IP on one interface (rdomain 1) to the IP of another interface (rdomain 0):
pass in log on rdomain 1 inet proto tcp to $ipv4b port 80 rdr-to $ipv4a port 8080 rtable 0
pass in log on rdomain 1 inet6 proto tcp to $ipv6b port 80 rdr-to $ipv6a port 8080 rtable 0

These rules work for IPv4 but initially not for IPv6. (That problem is now solved.) I was trying to figure out why and started using tcpdump(8).

em0 has the IPs: ipv4a and ipv6a.
em1 is in rdomain 1 and has the IPs: ipv4b and ipv6b.
Both are connected to the same LAN.

httpd(8) is configured to listen on ipv4a:80, ipv6a:80 with one (virtual) server and on ipv4a:8080, ipv6a:8080 with another, each serving a very simple index.html file that shows which server is responding.

To debug I started:

# tcpdump -n -e -ttt -l -i em0 'port 80 or 8080'
# tcpdump -n -e -ttt -l -i em1 'port 80 or 8080'

(Both in separate terminal windows at the same time.)

Now from a second machine I access the web server:

$ curl --url 'http://<ipv4a>'
Works fine, I see traffic in the tcpdump(8) for em0.

$ curl --url 'http://<ipv4b>'
Works fine, I see traffic in the tcpdump(8) for em1 but not for em0.

$ curl --url 'http://[<ipv6a>]'
Works fine, I see traffic in the tcpdump(8) for em0.

$ curl --url 'http://[<ipv6b>]'
Timeout! I see traffic in the tcpdump(8) for em1 but not for em0.

This was the one I was ultimately trying to debug but as the trace on the IPv4 version doesn’t work as expected I was momentarily at a loss.

I have since solved the actual problem by setting:

# sysctl net.inet6.ip6.forwarding=1

But I still don’t see the redirected traffic in the tcpdump(8) for em0.

I don’t understand the second and fourth results. Why does the tcpdump(8) for em0 not show the redirected packets? I am likely missing something obvious here. How can I capture the redirected packets?

Thanks!

Mike