On Tue, 1 Dec 2015 12:16:45 +0100 Daniel Bilik <d...@neosystem.org> wrote:
> But next time it happens, I'll try to reload pf rules, and also to > disable pf completely... Done. First I've tried to flush nat... # pfctl -f /etc/pf.conf -F nat -O -N nat cleared ... then rules... # pfctl -f /etc/pf.conf -F rules -O -R -Tl rules cleared ... but neither has helped. Ping to affected host has been reporting the known error all the time... ping: sendto: Operation not permitted Next, I've disabled pf completely... # pfctl -d pf disabled ... which changed ping error message to... ping: sendto: Host is down ... and tcpdump(1) confirmed that packets are still going via wrong interface... # tcpdump -i re0 -n icmp 07:54:44.538326 IP 82.x.y.50 > 192.168.2.33: ICMP echo request, id 54720, seq 24, length 64 ... now not being dropped by pf, but without any echo response (for obvious reasons). Again, refreshing default route solved the problem instantly. -- Dan _______________________________________________ freebsd-net@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/freebsd-net To unsubscribe, send any mail to "freebsd-net-unsubscr...@freebsd.org"