pf: lots of traffic on internal interface
While running pftop, or pfctl -vvs state, I see a lot of traffic from
the firewall machine to itself over the internal interface port. I am
not sure what service would route something out the local interface to
itself; it feels more like a misconfiguration. Thoughts?
Local interface IP is 192.168.1.2
Selection from pfctl -vvs state:

lo0 tcp 192.168.1.2:33733 -> 192.168.1.2:3493 ESTABLISHED:ESTABLISHED
   [4294086078 + 16384] wscale 0 [2714128582 + 16384] wscale 0
   age 140:42:35, expires in 23:59:59, 202219:101111 pkts, 13548662:8392110 bytes, rule 6
   id: 437a9e8000000127 creatorid: b74efa82
lo0 tcp 192.168.1.2:3493 <- 192.168.1.2:33733 ESTABLISHED:ESTABLISHED
   [2714128582 + 16384] wscale 0 [4294086078 + 16384] wscale 0
   age 140:42:35, expires in 23:59:59, 202219:101111 pkts, 13548662:8392110 bytes, rule 6
   id: 437a9e8000000128 creatorid: b74efa82
Here's what rule 6 looks like:

@6 pass quick on lo0 all keep state (if-bound)
  [ Evaluations: 140194 Packets: 612050 Bytes: 47369302 States: 2 ]
  [ Inserted: uid 0 pid 7115 ]
--
George