freebsd 7.1 pf route-to connection stall

Tom Uffner tom at
Mon Mar 2 11:29:38 PST 2009

Link wrote:

> Thanks for your reply.
> Tried rules you`ve listed.
> Does not help....
> I`ve checked with tcpdump packets are still going out using default route.

hmm. it sounds like packets aren't matching the rules.

at this point all I can suggest is adding an explicit "pass log all" as
the first rule in your config, and then testing either your ruleset or
my ruleset by adding "log" to all of the rules and check that packets
are matching appropriately. for much more detail you can change "log"
to "log (all)" to capture _every_ packet, not just the ones that create

be careful though. running full logging will consume lots of disk if used
in production rather than just while debugging.


More information about the freebsd-pf mailing list