Hello, I have a bridge with em0 and tap0.
tap0 is a bhyve guest, em0 has an alias for jails.
The problem is that with pf, traffic is not flowing from the bhyve guest to services within jails.
bridge0 and tap0 are set to skip.
Here are the firewall rules:
Code:
block drop log all
pass in all flags S/SA keep state
pass out all flags S/SA keep state
pass in on em0 inet proto tcp from any to 10.0.1.0/24 port = ssh flags S/SA keep state
block log all is receiving traffic from bhyve to jails. I suspect this is because state is not created for this traffic?
Here is the pflog data:
Code:
21:21:54.991205 rule 0..16777216/0(match): block out on em0: 10.0.1.5.80 > 10.0.1.8.49183: Flags [S.], seq 1326587568, ack 3166846400, win 65535, options [mss 1460,nop,wscale 6,sackOK,eol], length 0
21:21:57.988899 rule 0..16777216/0(match): block out on em0: 10.0.1.5.80 > 10.0.1.8.49183: Flags [S.], seq 1326587568, ack 3166846400, win 65535, options [mss 1460,nop,wscale 6,sackOK,eol], length 0
21:22:03.987861 rule 0..16777216/0(match): block out on em0: 10.0.1.5.80 > 10.0.1.8.49183: Flags [S.], seq 677084363, ack 3166846400, win 65535, options [mss 1460,sackOK,eol], length 0
What am I missing? Should I create rules with no state, or does another solution exist?
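A diagnostic sketch for the pflog output in the post above, added here as an example and not part of the original post: it parses each logged line and checks whether the packet's TCP flags could match a "flags S/SA" pass rule at all. A blocked SYN-ACK cannot match such a rule and would only pass on an existing state entry, which fits the poster's suspicion that no state was created. The function names are hypothetical, and the sample lines are copied from the post with the TCP options trimmed.

```python
import re

# TCP flag letters as tcpdump prints them for pflog ('.' means ACK).
TCPDUMP_FLAGS = {"S": "S", ".": "A", "F": "F", "R": "R", "P": "P", "U": "U"}

LINE_RE = re.compile(
    r"(?P<ts>\S+) rule (?P<rule>\S+)\(match\): (?P<action>block|pass) "
    r"(?P<dir>in|out) on (?P<ifname>\S+): "
    r"(?P<src>\S+) > (?P<dst>\S+): Flags \[(?P<flags>[^\]]+)\]"
)

def matches_flags(pkt_flags, spec="S/SA"):
    """pf 'flags a/b': of the flags named in mask b, exactly those in a are set."""
    want, mask = (set(part) for part in spec.split("/"))
    return (pkt_flags & mask) == want

def parse(line):
    """Return a dict for one tcpdump-formatted pflog line, or None if unparsable."""
    m = LINE_RE.match(line)
    if not m:
        return None
    rec = m.groupdict()
    rec["flags"] = {TCPDUMP_FLAGS[c] for c in rec["flags"] if c in TCPDUMP_FLAGS}
    return rec

def diagnose(line, spec="S/SA"):
    """Classify a blocked packet by whether a stateful pass rule could match it."""
    rec = parse(line)
    if rec is None or rec["action"] != "block":
        return None
    if matches_flags(rec["flags"], spec):
        return "opens-connection"  # a 'flags S/SA' pass rule could match it
    return "needs-state"           # only an existing state entry would pass it

# Sample input: two pflog lines from the post, TCP options trimmed.
SAMPLE = [
    "21:21:54.991205 rule 0..16777216/0(match): block out on em0: "
    "10.0.1.5.80 > 10.0.1.8.49183: Flags [S.], seq 1326587568, ack 3166846400, win 65535",
    "21:22:03.987861 rule 0..16777216/0(match): block out on em0: "
    "10.0.1.5.80 > 10.0.1.8.49183: Flags [S.], seq 677084363, ack 3166846400, win 65535",
]

if __name__ == "__main__":
    for entry in SAMPLE:
        rec = parse(entry)
        print(rec["dir"], rec["ifname"], rec["src"], "->", rec["dst"], diagnose(entry))
```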