Tracing packets passing through PF

[Greg Hennessy]

> 
> I actually need to see how a packet that the IPSEC code generates is
> passes through PF (What rules it is (not) matching etc).  At the moment
> it seems that it is either a) not passing through pf at all, b) For
> some
> reason not matching the source routing rule.
> 
> Is there anyway to see this, possibly by setting debuging to loud
> (pfctl
> -x loud) ?

Are you filtering on the loopback by any chance ? Or have you set skip on
lo0 ? 



Greg