Hi, I have some strange packet filtering on an openbsd 4.4
at the beginning a normal block all (not a "block in quick", but only a "block in") block in log on em0 all block out log on em0 all then I autorise some traffic: pass in on em0 from "172.30.251.0/24" to "172.30.251.0/24" keep state pass out on em0 from "172.30.251.0/24" to "172.30.251.0/24" keep state If I log the result, I see: Aug 17 17:41:02.521407 rule 42/(match) block in on em0: 172.30.251.131.2715 > 172.30.251.141.2146: [|tcp] => rule 42 is the rule "block in log on em0 all". I worked with macros and I check the result with an pfctl -s rules => evry thing is ok pass in on em0 inet from 172.30.251.0/24 to 172.30.251.0/24 flags S/SA keep state pass out on em0 inet from 172.30.251.0/24 to 172.30.251.0/24 flags S/SA keep state An idea ? Regards Christophe
