I have investigated further:
The state table adds this entry:
all tcp 192.168.0.254:80 <- 172.17.1.254:50186       CLOSED:SYN_SENT
Which I suppose reflects the fact that the packet is blocked - I
don't know how to capture the state table after the packet is
passed on the way in, but before it is
Hi Erik,
Remember that any quick rule will apply on it and pf will not search
anymore, maybe you should clean up your pf.conf a little bit.
Maybe removing all quick rules you get what you want ;)
-
block in log on $wlan_if inet from $wlan_net to
pass in log quick
On Wednesday 02 April 2008 09:03:06 am Erik Norgaard wrote:
> Hi,
>
> I have a problem connecting from one local subnet to another
> crossing an FBSD box with pf. Should be trivial, I have the
> following ruleset:
>
>
> # Local services accessible from wlan
> block in log on $wlan_if inet from $wl
Hi,
I have a problem connecting from one local subnet to another
crossing an FBSD box with pf. Should be trivial, I have the
following ruleset:
# Local services accessible from wlan
block in log on $wlan_if inet from $wlan_net to
pass in log quick on $wlan_if inet proto tcp from $wlan_net