Re: Tracing packets passing through PF

2007-03-05 Thread Tom Judge
Volker Werth wrote: On 12/23/-58 20:59, Tom Judge wrote: The packet is not getting filtered it leaves the host and passes on the wire to the default gateway. There are no issues with the traffic being filtered by the originating hosts firewall, the problem is that the ESP packets next hop is no

Re: Re: Tracing packets passing through PF

2007-03-05 Thread Volker Werth
On 12/23/-58 20:59, Tom Judge wrote: > The packet is not getting filtered it leaves the host and passes on the > wire to the default gateway. There are no issues with the traffic being > filtered by the originating hosts firewall, the problem is that the ESP > packets next hop is not being modifie

Re: Tracing packets passing through PF

2007-03-05 Thread Tom Judge
Greg Hennessy wrote: I have the following rules on lo0: Have you tried an set skip with a default block log all ? Greg The packet is not getting filtered it leaves the host and passes on the wire to the default gateway. There are no issues with the traffic being filtered by the origin

RE: Tracing packets passing through PF

2007-03-04 Thread Greg Hennessy
> I have the following rules on lo0: > Have you tried an set skip with a default block log all ? Greg ___ freebsd-pf@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-pf To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: Tracing packets passing through PF

2007-03-02 Thread Tom Judge
Greg Hennessy wrote: I actually need to see how a packet that the IPSEC code generates is passes through PF (What rules it is (not) matching etc). At the moment it seems that it is either a) not passing through pf at all, b) For some reason not matching the source routing rule. Is there anyway

Re: Tracing packets passing through PF

2007-03-02 Thread Tom Judge
Greg Hennessy wrote: I was wondering if there is any way to trace packets as they pass through PF and possibly even the network stack. If someone could give me some pointers on this it would be greatly appreciated. A full tcpdump on the ingress and egress interfaces,a bpf filter will find the

RE: Tracing packets passing through PF

2007-03-02 Thread Greg Hennessy
> > I actually need to see how a packet that the IPSEC code generates is > passes through PF (What rules it is (not) matching etc). At the moment > it seems that it is either a) not passing through pf at all, b) For > some > reason not matching the source routing rule. > > Is there anyway to see

RE: Tracing packets passing through PF

2007-03-02 Thread Greg Hennessy
> I was wondering if there is any way to trace packets as they pass > through PF and possibly even the network stack. If someone could give > me some pointers on this it would be greatly appreciated. A full tcpdump on the ingress and egress interfaces,a bpf filter will find the interesting bits

Re: Tracing packets passing through PF

2007-03-01 Thread Andrei Kolu
On Friday 02 March 2007 00:31, Tom Judge wrote: > Hi, > > I was wondering if there is any way to trace packets as they pass > through PF and possibly even the network stack. If someone could give > me some pointers on this it would be greatly appreciated. > pass in on rl0 all label "incoming" pas

Tracing packets passing through PF

2007-03-01 Thread Tom Judge
Hi, I was wondering if there is any way to trace packets as they pass through PF and possibly even the network stack. If someone could give me some pointers on this it would be greatly appreciated. Tom ___ freebsd-pf@freebsd.org mailing list http: