pf and mDNS

I'm probably missing something really obvious, but why are mDNS packets getting dropped when it looks like I have rules to let them in? (Yes, there are other rules, but I've trimmed as much as I could for the sake of readability.)

Code:
flamingo:~ jnojr$ sudo pfctl -sr
No ALTQ support in kernel
ALTQ related functions disabled
scrub in all fragment reassemble
block drop in log all
pass out all flags S/SA keep state
pass on lo0 all flags S/SA keep state
pass in quick proto udp from <local> to any port = 5353 keep state
pass in quick inet proto udp from 224.0.0.251 to any port = 5353 keep state
pass in quick inet proto tcp from 224.0.0.251 to any port = 5353 flags S/SA keep state
pass in quick inet6 proto udp from fe80::/10 port = 5353 to ff02::fb port = 5353 keep state
pass in quick inet6 proto tcp from fe80::/10 port = 5353 to ff01::fb port = 5353 flags S/SA keep state
pass in quick inet6 proto udp from fe80::/10 port = 5353 to ff01::fb port = 5353 keep state
pass in quick proto udp from <local> port = 5353 to any keep state
pass in quick proto tcp from <local> port = 5353 to any flags S/SA keep state

Code:
flamingo:~ joliver$ sudo pfctl -ss | grep -E -v ':80\ |:993\ |:53\ |:443\ |\[443\]|:5222\ |\[5222\]'
No ALTQ support in kernel
ALTQ related functions disabled
ALL udp 224.0.0.251:5353 <- 128.49.92.48:5353       NO_TRAFFIC:SINGLE
ALL udp ff02::fb[5353] <- fe80::aa20:66ff:fe26:7d25[5353]       NO_TRAFFIC:SINGLE
ALL udp 224.0.0.251:5353 <- 128.49.92.59:5353       NO_TRAFFIC:SINGLE
ALL udp ff02::fb[5353] <- fe80::aa20:66ff:fe26:7c3d[5353]       NO_TRAFFIC:SINGLE

Code:
Mar 25 13:53:18 flamingo pf[57755]: 00:00:31.893202 rule 0/0(match): block in on en0: fe80::aa20:66ff:fe26:7c3d.5353 > ff02::fb.5353: 0 [29a] [22q] PTR <SNIP>
Mar 25 13:53:19 flamingo pf[57755]: 00:00:00.044241 rule 0/0(match): block in on en0: fe80::426c:8fff:fe45:63ce.5353 > ff02::fb.5353: 0*- [0q] 1/0/0 (Cache flush) NULL (3411)
Mar 25 13:53:19 flamingo pf[57755]: 00:00:00.000001 rule 0/2(fragment): block in on en0: fe80::426c:8fff:fe45:63ce.5353 > ff02::fb.5353: 0*- [0q] 1/0/0 (Cache flush) NULL (3411)
 
It's just UDP mDNS. It is an alternative DNS. Do this if it is IPv6:

Code:
pass in quick inet6 proto udp from any to any port = 5353 keep state
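For both the ruleset in the question and the one-line fix in the reply, here is a minimal pf.conf that admits mDNS on both address families. It is an added example written for this page, not the original poster's ruleset and not the replier's rule; the interface name en0 is my assumption, everything else follows RFC 6762: mDNS is UDP on port 5353, the IPv4 group is 224.0.0.251 and the IPv6 group is ff02::fb (link-local scope).

```pf
# Added example for this thread, not the poster's or the replier's ruleset.
# Assumption: the LAN-facing interface is en0; change lan_if if yours differs.
lan_if      = "en0"
mdns_port   = "5353"
mdns_group4 = "224.0.0.251"   # IPv4 mDNS group (RFC 6762)
mdns_group6 = "ff02::fb"      # IPv6 mDNS group, link-local scope (RFC 6762)

scrub in all fragment reassemble

# Default deny inbound, logged so drops show up on pflog0. Later "pass in quick"
# rules match first and stop evaluation, so they win over this block.
block drop in log all
pass out all keep state
pass on lo0 all

# Multicast queries and responses. mDNS is UDP only. Compliant senders use
# source port 5353, but one-shot ("legacy") queriers send from an ephemeral
# port, so the source port is left open here. A link-local-scope group
# (ff02::fb) and 224.0.0.251 are not routed in from outside the link anyway.
pass in quick on $lan_if inet  proto udp from any       to $mdns_group4 port $mdns_port keep state
pass in quick on $lan_if inet6 proto udp from fe80::/10 to $mdns_group6 port $mdns_port keep state

# Unicast responses to one-shot queries this host sent: they arrive from the
# responder's port 5353 to whatever ephemeral port we used, and do not match
# the state of our outbound multicast query. The source port is chosen by the
# sender, so restrict the source to hosts on the local network rather than any.
pass in quick on $lan_if inet  proto udp from ($lan_if:network) port $mdns_port to ($lan_if) keep state
pass in quick on $lan_if inet6 proto udp from fe80::/10         port $mdns_port to ($lan_if) keep state
```

Check the syntax without loading it with `sudo pfctl -nf /path/to/pf.conf`, then load it with `sudo pfctl -f /path/to/pf.conf` and confirm the result with `sudo pfctl -sr`. To see what the block rule is still logging, create the log interface with `sudo ifconfig pflog0 create` and watch it with `sudo tcpdump -n -e -ttt -i pflog0 udp port 5353`; the `-e` flag prints the rule number that matched, in the same form as the log lines in the question. The last two rules play the role of the `<local>` rules in the original ruleset: without a source restriction, "from any port 5353" would let any remote host in simply by choosing 5353 as its source port.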
 