Hi Zack, Very interesting reply.
I really do remember, under FreeBSD, I was having a similar "dmesg -a" output telling about DHCP's permission denied issue, and finally I solved it with a pass rule like: "pass log quick on $ext_if proto udp from any to any port = 67 keep state" in /usr/local/etc/pf.conf file. And reading DHCP traffic never makes its way to pf, surprised me. Perhaps that's valid only on OpenBSD but not on FreeBSD? Anyways.. Zack Newman wrote: Certainly could be. If this happens consistently around a particular time, you can "live dangerously" and allow all traffic temporarily to see if the issue is resolved. More safely, use tcpdump(8) to see if you can find the problem. > I tried to add: > pass log quick on $ext_if proto udp from any to any port = 67 > in my pf.conf file, didn't help. Completely useless. DHCP traffic never makes its way to pf(4) due to being handled by bpf(4) first, so you don't need such a rule-in fact you could explicitly block such traffic, and it won't matter. Proof: