Differences in PF between FBSD 8.2 & 9.0?

Jason Hellenthal jhell at DataIX.net
Wed Feb 15 15:53:27 UTC 2012



On Wed, Feb 15, 2012 at 10:11:55AM +0100, Damien Fleuriot wrote:
> On 2/15/12 2:22 AM, Doug Sampson wrote:
> > I got bitten by PF when upgrading from 8.2 to 9.0. It refused to allow
> > any incoming mail. I'm using spamd in conjunction with pf. I use a
> > combination of natting along with redirections in conjunction with the
> > normal pass/block rules.
> > 
> 
> Toggle logging on both your default drop rule and your allow mail ones.
> 
> Then tcpdump -nei pflog0 ip and port 465 (or 25, whichever)
> See what rule number matches your packets, then find out what rule that
> is with pfctl -vvvsr
> 

pftop may be of use to you here as well. Fire it up and hit the number 6
to watch for which rules are getting more hits than others.

-- 
;s =;
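
The procedure suggested in this thread (log the block and pass rules, capture on pflog0, then look the rule number up in the pfctl listing) can be scripted. The following is an added example, not part of the original messages: it counts hits per rule number in saved `tcpdump -nei pflog0` output and joins them to the `@N` rule lines of a saved `pfctl -vvsr` listing. The sample lines, addresses and the function names are constructed for illustration, and the `rule N/0(match): action` log layout is assumed.

```shell
#!/bin/sh
# Constructed sample of saved `tcpdump -nei pflog0` output (not from the thread).
sample_pflog() {
cat <<'EOF'
10:01:02.000001 rule 0/0(match): block in on em0: 203.0.113.7.40112 > 192.0.2.10.25: Flags [S], seq 1, win 65535, length 0
10:01:03.000001 rule 0/0(match): block in on em0: 203.0.113.9.40220 > 192.0.2.10.25: Flags [S], seq 1, win 65535, length 0
10:01:04.000001 rule 3/0(match): pass in on em0: 198.51.100.4.51000 > 192.0.2.10.465: Flags [S], seq 1, win 65535, length 0
EOF
}

# Constructed sample of saved `pfctl -vvsr` output: each rule starts with @<number>.
sample_rules() {
cat <<'EOF'
@0 block drop in log all
  [ Evaluations: 120       Packets: 2         Bytes: 120         States: 0     ]
@3 pass in log on em0 inet proto tcp from any to 192.0.2.10 port = smtps flags S/SA keep state
  [ Evaluations: 40        Packets: 1         Bytes: 60          States: 1     ]
EOF
}

# rule_hits PFLOG_FILE RULES_FILE
# Prints "<hits> <action> @<n> <rule text>" per logged rule, most hits first.
rule_hits() {
    awk '
        NR == FNR {                          # first file: the rule listing
            if ($1 ~ /^@[0-9]+$/) { n = substr($1, 2); sub(/^@[0-9]+ /, ""); text[n] = $0 }
            next
        }
        {                                    # second file: the pflog capture
            for (i = 1; i < NF; i++) if ($i == "rule") {
                split($(i + 1), p, "[./]")   # "0/0(match):" or "0..16777216/0(match):"
                hits[p[1]]++; act[p[1]] = $(i + 2)
                break
            }
        }
        END {
            for (n in hits)
                printf "%d %s @%s %s\n", hits[n], act[n], n, ((n in text) ? text[n] : "(rule not in listing)")
        }
    ' "$2" "$1" | sort -rn
}

# Demo run on the constructed samples.
tmp=$(mktemp -d)
sample_pflog > "$tmp/pflog.txt"; sample_rules > "$tmp/rules.txt"
rule_hits "$tmp/pflog.txt" "$tmp/rules.txt"
rm -rf "$tmp"
```

A default block rule at the top of the output with the mail ports in its log lines means the pass rules are not matching the traffic as it arrives.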

