On 2007/06/06 14:32, BradenM - Sonoma Computer wrote:

...pretty useful info...

Also useful for any suspected PF problems:

# pfctl -sa

(to check that the ruleset did indeed get loaded, and that PF is enabled - if you can also have some pings running we'll see how state tables look too).

# sysctl net.inet.ip.forwarding

(you never know...)

How does traffic from the outside reach this machine? Is whatever device that's giving it connectivity set up to send traffic for all the relevant IP addresses to this box? You should be able to pfctl -d to disable PF and ping each address from outside. If not, there's a more fundamental problem that needs looking at before examining the PF configuration. Fix, then enable PF again (pfctl -e).

Not relevant to you since you pass all traffic, but other people are reading this who might not: 'log' on all block rules, reload PF, and (ifconfig pflog0 up; tcpdump -nettipflog0)