Getting tables to work in PF
Dave Horsfall
dave at horsfall.org
Tue Nov 4 20:15:41 UTC 2014
On Tue, 4 Nov 2014, Dave Horsfall wrote:
> The rules? Not a sausage. It's behaving as though it's reading the
> file (which it is), but not honouring the rules themselves (which it
> isn't).
A bit more progress; I finally got around to tracing it, and the salient
bit is:
(Many calls to set rules)
(Many calls to set timeouts)
13925 pfctl CALL ioctl(0x3,DIOCSETDEBUG,0xbfbfdc84)
13925 pfctl RET ioctl 0
13925 pfctl CALL ioctl(0x3,DIOCSETSTATUSIF,0xbfbfdc5c)
13925 pfctl RET ioctl -1 errno 22 Invalid argument
Aha... So, what's so invalid about it? I don't have kernel source (my
installation was interrupted by a long stay in hospital), so I cannot
investigate any further.
And my plea as before:
> So, if pf(4) actually known to work on:
>
> FreeBSD aneurin.horsfall.org 8.2-RELEASE-p3 FreeBSD 8.2-RELEASE-p3 #0: Tue Sep 27 18:07:27 UTC 2011 root at i386-builder.daemonology.net:/usr/obj/usr/src/sys/GENERIC i386
>
> and if so, does anyone have a working sample pf.conf from such a box?
Thanks.
--
Dave Horsfall (VK2KFU) "Bliss is a MacBook with a FreeBSD server."
http://www.horsfall.org/spam.html (and check the home page whilst you're there)
More information about the freebsd-pf
mailing list