pf nuttyness

Brian McCann bjmccann at gmail.com
Tue Nov 24 23:02:44 UTC 2009


I'm at the end of my rope here with PF.  I have a ruleset loaded that
is long and complicated...but I've shortened it to a "pass all" rule.
The box has 4 interfaces, one for pfsync, one for me to connect to it,
and two bridged interfaces.  The only traffic on the bridged
interfaces is STP and IP multicast traffic from my EIGRP routers.
When I run "pfctl -s rules -v", the EIGRP multicast traffic never hits
any rules...yet it's allowed.

I'm on FreeBSD 7.1.

Has anyone else come across this before?  I'm ready to throw out
FreeBSD 7.1 and try OpenBSD for pf use...which would be a shame since
I use FreeBSD for all my other servers, and having 2 OpenBSD boxes
would just be... weird...

--Brian

-- 
_-=-_-=-_-=-_-=-_-=-_-=-_-=-_-=-_-=-_-=-_-=-_
Brian McCann

"I don't have to take this abuse from you -- I've got hundreds of
people waiting to abuse me."
                -- Bill Murray, "Ghostbusters"


More information about the freebsd-questions mailing list