Can't reconnect after pf is enabled on OS X 10.8.2

InfiniteInt

Hi,

may someone help me to find my problem within my pf firewall, please. I use OS X 10.8.2. Pf works just fine when it is started after OpenVPN has finished connecting. It blocks every connection when the VPN-connection is closed, but I can't get a new connection started. I need to disable pf in order to get a new connection working. I hope that I only made a minor mistake.

I'll post all important files.

pf.conf

#
# Default PF configuration file.
#
# This file contains the main ruleset, which gets automatically loaded
# at startup.  PF will not be automatically enabled, however.  Instead,
# each component which utilizes PF is responsible for enabling and disabling
# PF via -E and -X as documented in pfctl(8).  That will ensure that PF
# is disabled only when the last enable reference is released.
#
# Care must be taken to ensure that the main ruleset does not get flushed,
# as the nested anchors rely on the anchor point defined here.
#
# See pf.conf(5) for syntax.
#

#
# com.apple anchor point
#
scrub-anchor "com.apple/*"
nat-anchor "com.apple/*"
rdr-anchor "com.apple/*"
dummynet-anchor "com.apple/*"
anchor "com.apple/*"
load anchor "com.apple" from "/etc/pf.anchors/com.apple"

#############
# Variables #
#############
loop_if="lo0"
eth_if= "en0"
wifi_if="en1"
vpn_if= "tun0"

# AirVPN Entry IPs #
####################
ch_virginis   = xxx.xxx.xxx.xxx
de_aquilae    = xxx.xxx.xxx.xxx
de_omicron    = xxx.xxx.xxx.xxx
de_tauri      = xxx.xxx.xxx.xxx
de_velorum    = xxx.xxx.xxx.xxx
gb_bootis     = xxx.xxx.xxx.xxx
gb_cassiopeia = xxx.xxx.xxx.xxx
it_crucis     = xxx.xxx.xxx.xxx
lu_herculis   = xxx.xxx.xxx.xxx
nl_castor     = xxx.xxx.xxx.xxx
nl_leonis     = xxx.xxx.xxx.xxx
nl_leporis    = xxx.xxx.xxx.xxx
nl_lyncis     = xxx.xxx.xxx.xxx
nl_lyra       = xxx.xxx.xxx.xxx
nl_ophiuchi   = xxx.xxx.xxx.xxx
nl_orionis    = xxx.xxx.xxx.xxx
ro_phoenicis  = xxx.xxx.xxx.xxx
se_cygni      = xxx.xxx.xxx.xxx
se_serpentis  = xxx.xxx.xxx.xxx
sg_columbae   = xxx.xxx.xxx.xxx
sg_puppis     = xxx.xxx.xxx.xxx
sg_sagittarii = xxx.xxx.xxx.xxx
us_andromedae = xxx.xxx.xxx.xxx
us_librae     = xxx.xxx.xxx.xxx
us_octantis   = xxx.xxx.xxx.xxx
us_pavonis    = xxx.xxx.xxx.xxx
us_sirius     = xxx.xxx.xxx.xxx
us_vega       = xxx.xxx.xxx.xxx

# AirVPN Geo Entries #
######################
airvpn_ch = "{" $ch_virginis "}"
airvpn_de = "{" $de_aquilae $de_omicron $de_tauri $de_velorum "}"
airvpn_gb = "{" $gb_bootis $gb_cassiopeia "}"
airvpn_it = "{" $it_crucis "}"
airvpn_lu = "{" $lu_herculis "}"
airvpn_nl = "{" $nl_castor $nl_leonis $nl_leporis $nl_lyncis $nl_lyra $nl_ophiuchi $nl_orionis "}"
airvpn_ro = "{" $ro_phoenicis "}"
airvpn_se = "{" $se_cygni $se_serpentis "}"
airvpn_sg = "{" $sg_columbae $sg_puppis $sg_sagittarii "}"
airvpn_us = "{" $us_andromedae $us_librae $us_octantis $us_pavonis $us_sirius $us_vega "}"

##########
# Tables #
##########
table <private>  const {10/8, 172.16/12, 192.168/16}
table <badhosts> persist
table <airvpn> const { $airvpn_ch, $airvpn_de, $airvpn_gb, $airvpn_it, $airvpn_lu, $airvpn_nl, $airvpn_ro, $airvpn_se, $airvpn_sg, $airvpn_us }

###########
# AirVPN Rules #
##########
block out all
pass out quick on $wifi_if from <private> to <airvpn>
pass out quick on $wifi_if from <private> to <private>
pass out quick on $eth_if from <private> to <airvpn>
pass out quick on $eth_if from <private> to <private>
pass out quick on $vpn_if from any to any
pass out quick on $loop_if from any to any
[\code]

OpenVPN log with pf disabled
[code]
2012-12-13 16:33:56 *Tunnelblick: OS X 10.8.2; Tunnelblick 3.3beta21a (build 3114.1)
2012-12-13 16:33:56 *Tunnelblick: Attempting connection with AirVPN SE Cygni - UDP 443; Set nameserver = 1; not monitoring connection
2012-12-13 16:33:56 *Tunnelblick: /Applications/Tunnelblick.app/Contents/Resources/openvpnstart start AirVPN\ SE\ Cygni\ -\ UDP\ 443.tblk 1343 1 0 0 1 49 -atADGNWradsgnw 
2012-12-13 16:33:56 *Tunnelblick: openvpnstart message: Loading tun.kext

OpenVPN started successfully. Command used to start OpenVPN (one argument per displayed line):

     /Applications/Tunnelblick.app/Contents/Resources/openvpn/openvpn-2.3-alpha1/openvpn
     --cd
     /Users/$username/Library/Application Support/Tunnelblick/Configurations/AirVPN SE Cygni - UDP 443.tblk/Contents/Resources
     --daemon
     --management
     127.0.0.1
     1343
     --config
     /Users/$username/Library/Application Support/Tunnelblick/Configurations/AirVPN SE Cygni - UDP 443.tblk/Contents/Resources/config.ovpn
     --log
     /Library/Application Support/Tunnelblick/Logs/-SUsers-S$username-SLibrary-SApplication Support-STunnelblick-SConfigurations-SAirVPN SE Cygni -- UDP 443.tblk-SContents-SResources-Sconfig.ovpn.1_0_0_1_49.1343.openvpn.log
     --management-query-passwords
     --management-hold
     --script-security
     2
     --up
     /Applications/Tunnelblick.app/Contents/Resources/client.up.tunnelblick.sh -w -d -atADGNWradsgnw
     --down
     /Applications/Tunnelblick.app/Contents/Resources/client.down.tunnelblick.sh -w -d -atADGNWradsgnw
     --up-restart
     --route-pre-down
     /Applications/Tunnelblick.app/Contents/Resources/client.route-pre-down.tunnelblick.sh -w -d -atADGNWradsgnw
2012-12-13 16:33:56 *Tunnelblick: Established communication with OpenVPN
2012-12-13 16:33:56 OpenVPN 2.3-alpha1 i386-apple-darwin10.8.0 [SSL (OpenSSL)] [LZO2] [eurephia] [MH] [PF_INET6] [IPv6 payload 20110522-1 (2.2.0)] built on Sep 12 2012
2012-12-13 16:33:56 MANAGEMENT: TCP Socket listening on [AF_INET]127.0.0.1:1343
2012-12-13 16:33:56 Need hold release from management interface, waiting...
2012-12-13 16:33:56 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:1343
2012-12-13 16:33:56 MANAGEMENT: CMD 'pid'
2012-12-13 16:33:56 MANAGEMENT: CMD 'state on'
2012-12-13 16:33:56 MANAGEMENT: CMD 'state'
2012-12-13 16:33:56 MANAGEMENT: CMD 'bytecount 1'
2012-12-13 16:33:56 MANAGEMENT: CMD 'hold release'
2012-12-13 16:33:56 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
2012-12-13 16:33:56 WARNING: file 'user.key' is group or others accessible
2012-12-13 16:33:56 Socket Buffers: R=[196724->65536] S=[9216->65536]
2012-12-13 16:33:56 UDPv4 link local: [undef]
2012-12-13 16:33:56 UDPv4 link remote: [AF_INET]xxx.xxx.xxx.xxx:443
2012-12-13 16:33:56 MANAGEMENT: >STATE:1355412836,WAIT,,,
2012-12-13 16:33:56 MANAGEMENT: >STATE:1355412836,AUTH,,,
2012-12-13 16:33:56 TLS: Initial packet from [AF_INET]xxx.xxx.xxx.xxx:443, sid=979366fd 2c5bb1ca
2012-12-13 16:33:56 VERIFY OK: depth=1, C=IT, ST=IT, L=Perugia, O=airvpn.org, CN=airvpn.org CA, emailAddress=info@airvpn.org
2012-12-13 16:33:56 VERIFY OK: nsCertType=SERVER
2012-12-13 16:33:56 VERIFY OK: depth=0, C=IT, ST=IT, L=Perugia, O=airvpn.org, CN=server, emailAddress=info@airvpn.org
2012-12-13 16:33:56 *Tunnelblick: openvpnstart starting OpenVPN:
                    *                    /Applications/Tunnelblick.app/Contents/Resources/openvpn/openvpn-2.3-alpha1/openvpn --cd /Users/$username/Library/Application Support/Tunnelblick/Configurations/AirVPN SE Cygni - UDP 443.tblk/Contents/Resources --daemon --management 127.0.0.1 1343 --config /Users/$username/Library/Application Support/Tunnelblick/Configurations/AirVPN SE Cygni - UDP 443.tblk/Contents/Resources/config.ovpn --log /Library/Application Support/Tunnelblick/Logs/-SUsers-S$username-SLibrary-SApplication Support-STunnelblick-SConfigurations-SAirVPN SE Cygni -- UDP 443.tblk-SContents-SResources-Sconfig.ovpn.1_0_0_1_49.1343.openvpn.log --management-query-passwords --management-hold --script-security 2 --up /Applications/Tunnelblick.app/Contents/Resources/client.up.tunnelblick.sh -w -d -atADGNWradsgnw --down /Applications/Tunnelblick.app/Contents/Resources/client.down.tunnelblick.sh -w -d -atADGNWradsgnw --up-restart --route-pre-down /Applications/Tunnelblick.app/Contents/Resources/client.route-pre-down.tunnelblick.sh -w -d -atADGNWradsgnw
2012-12-13 16:33:58 Data Channel Encrypt: Cipher 'AES-256-CBC' initialized with 256 bit key
2012-12-13 16:33:58 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
2012-12-13 16:33:58 Data Channel Decrypt: Cipher 'AES-256-CBC' initialized with 256 bit key
2012-12-13 16:33:58 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
2012-12-13 16:33:58 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 2048 bit RSA
2012-12-13 16:33:58 [server] Peer Connection Initiated with [AF_INET]xxx.xxx.xxx.xxx:443
2012-12-13 16:33:59 MANAGEMENT: >STATE:1355412839,GET_CONFIG,,,
2012-12-13 16:34:00 SENT CONTROL [server]: 'PUSH_REQUEST' (status=1)
2012-12-13 16:34:00 PUSH: Received control message: 'PUSH_REPLY,redirect-gateway def1,dhcp-option DNS 10.4.0.1,comp-lzo no,route 10.4.0.1,topology net30,ping 10,ping-restart 60,ifconfig 10.4.8.138 10.4.8.137'
2012-12-13 16:34:00 OPTIONS IMPORT: timers and/or timeouts modified
2012-12-13 16:34:00 OPTIONS IMPORT: LZO parms modified
2012-12-13 16:34:00 OPTIONS IMPORT: --ifconfig/up options modified
2012-12-13 16:34:00 OPTIONS IMPORT: route options modified
2012-12-13 16:34:00 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
2012-12-13 16:34:00 ROUTE_GATEWAY 192.168.2.1/255.255.255.0 IFACE=en0 HWADDR=00:11:22:33:44:55
2012-12-13 16:34:00 TUN/TAP device /dev/tun0 opened
2012-12-13 16:34:00 do_ifconfig, tt->ipv6=0, tt->did_ifconfig_ipv6_setup=0
2012-12-13 16:34:00 MANAGEMENT: >STATE:1355412840,ASSIGN_IP,,10.4.8.138,
2012-12-13 16:34:00 /sbin/ifconfig tun0 delete
                                        ifconfig: ioctl (SIOCDIFADDR): Can't assign requested address
2012-12-13 16:34:00 NOTE: Tried to delete pre-existing tun/tap instance -- No Problem if failure
2012-12-13 16:34:00 /sbin/ifconfig tun0 10.4.8.138 10.4.8.137 mtu 1500 netmask 255.255.255.255 up
2012-12-13 16:34:00 /Applications/Tunnelblick.app/Contents/Resources/client.up.tunnelblick.sh -w -d -atADGNWradsgnw tun0 1500 1558 10.4.8.138 10.4.8.137 init
2012-12-13 16:34:02 *Tunnelblick client.up.tunnelblick.sh: Retrieved name server(s) [ 10.4.0.1 ] and SMB server(s) [ ] and using default domain name [ openvpn ]
2012-12-13 16:34:02 *Tunnelblick client.up.tunnelblick.sh: DEBUG:
2012-12-13 16:34:02 *Tunnelblick client.up.tunnelblick.sh: DEBUG: MAN_DNS_CONFIG = No such key
2012-12-13 16:34:02 *Tunnelblick client.up.tunnelblick.sh: DEBUG: MAN_SMB_CONFIG = No such key
2012-12-13 16:34:02 *Tunnelblick client.up.tunnelblick.sh: DEBUG:
2012-12-13 16:34:02 *Tunnelblick client.up.tunnelblick.sh: DEBUG: CUR_DNS_CONFIG = <dictionary> { DomainName : $username SearchDomains : <array> { $username } ServerAddresses : <array> { 192.168.2.100 } }
2012-12-13 16:34:02 *Tunnelblick client.up.tunnelblick.sh: DEBUG: CUR_SMB_CONFIG = No such key
2012-12-13 16:34:02 *Tunnelblick client.up.tunnelblick.sh: DEBUG:
2012-12-13 16:34:02 *Tunnelblick client.up.tunnelblick.sh: DEBUG:
2012-12-13 16:34:02 *Tunnelblick client.up.tunnelblick.sh: DEBUG: DYN_DNS_DN = openvpn; DYN_DNS_SA = 10.4.0.1; DYN_DNS_SD =
2012-12-13 16:34:02 *Tunnelblick client.up.tunnelblick.sh: DEBUG: DYN_SMB_NN = ; DYN_SMB_WG = ; DYN_SMB_WA =
2012-12-13 16:34:02 *Tunnelblick client.up.tunnelblick.sh: DEBUG:
2012-12-13 16:34:02 *Tunnelblick client.up.tunnelblick.sh: DEBUG: MAN_DNS_DN = ; MAN_DNS_SA = ; MAN_DNS_SD =
2012-12-13 16:34:02 *Tunnelblick client.up.tunnelblick.sh: DEBUG: MAN_SMB_NN = ; MAN_SMB_WG = ; MAN_SMB_WA =
2012-12-13 16:34:02 *Tunnelblick client.up.tunnelblick.sh: DEBUG:
2012-12-13 16:34:02 *Tunnelblick client.up.tunnelblick.sh: DEBUG: CUR_DNS_DN = $username; CUR_DNS_SA = 192.168.2.100; CUR_DNS_SD = $username
2012-12-13 16:34:02 *Tunnelblick client.up.tunnelblick.sh: DEBUG: CUR_SMB_NN = ; CUR_SMB_WG = ; CUR_SMB_WA =
2012-12-13 16:34:02 *Tunnelblick client.up.tunnelblick.sh: ServerAddresses were not aggregated because running on OS X 10.6 or higher
2012-12-13 16:34:02 *Tunnelblick client.up.tunnelblick.sh: Setting search domains to 'openvpn' because running under OS X 10.6 or higher and the search domains were not set manually and 'Prepend domain name to search domains' was not selected
2012-12-13 16:34:02 *Tunnelblick client.up.tunnelblick.sh: DEBUG:
2012-12-13 16:34:02 *Tunnelblick client.up.tunnelblick.sh: DEBUG: FIN_DNS_DN = openvpn; FIN_DNS_SA = 10.4.0.1; FIN_DNS_SD = openvpn
2012-12-13 16:34:02 *Tunnelblick client.up.tunnelblick.sh: DEBUG: FIN_SMB_NN = ; FIN_SMB_WG = ; FIN_SMB_WA =
2012-12-13 16:34:02 *Tunnelblick client.up.tunnelblick.sh: DEBUG: OS X 10.8 or higher, so will modify DNS settings using Setup: in addition to State:
2012-12-13 16:34:02 *Tunnelblick client.up.tunnelblick.sh: DEBUG:
2012-12-13 16:34:02 *Tunnelblick client.up.tunnelblick.sh: DEBUG: SKP_DNS = ; SKP_DNS_SA = ; SKP_DNS_SD = ; SKP_DNS_DN =
2012-12-13 16:34:02 *Tunnelblick client.up.tunnelblick.sh: DEBUG: SKP_SETUP_DNS =
2012-12-13 16:34:02 *Tunnelblick client.up.tunnelblick.sh: DEBUG: SKP_SMB = #; SKP_SMB_NN = #; SKP_SMB_WG = #; SKP_SMB_WA = #
2012-12-13 16:34:02 *Tunnelblick client.up.tunnelblick.sh: DEBUG:
2012-12-13 16:34:02 *Tunnelblick client.up.tunnelblick.sh: DEBUG: Configuration changes:
2012-12-13 16:34:02 *Tunnelblick client.up.tunnelblick.sh: DEBUG: ADD State: ServerAddresses 10.4.0.1
2012-12-13 16:34:02 *Tunnelblick client.up.tunnelblick.sh: DEBUG: ADD State: SearchDomains openvpn
2012-12-13 16:34:02 *Tunnelblick client.up.tunnelblick.sh: DEBUG: ADD State: DomainName openvpn
2012-12-13 16:34:02 *Tunnelblick client.up.tunnelblick.sh: DEBUG:
2012-12-13 16:34:02 *Tunnelblick client.up.tunnelblick.sh: DEBUG: ADD Setup: ServerAddresses 10.4.0.1
2012-12-13 16:34:02 *Tunnelblick client.up.tunnelblick.sh: DEBUG: ADD Setup: SearchDomains openvpn
2012-12-13 16:34:02 *Tunnelblick client.up.tunnelblick.sh: DEBUG: ADD Setup: DomainName openvpn
2012-12-13 16:34:02 *Tunnelblick client.up.tunnelblick.sh: DEBUG:
2012-12-13 16:34:02 *Tunnelblick client.up.tunnelblick.sh: DEBUG: ##ADD State: NetBIOSName
2012-12-13 16:34:02 *Tunnelblick client.up.tunnelblick.sh: DEBUG: ##ADD State: Workgroup
2012-12-13 16:34:02 *Tunnelblick client.up.tunnelblick.sh: DEBUG: ##ADD State: WINSAddresses
2012-12-13 16:34:02 *Tunnelblick client.up.tunnelblick.sh: DEBUG:
2012-12-13 16:34:02 *Tunnelblick client.up.tunnelblick.sh: DEBUG: Pause for configuration changes to be propagated to State:/Network/Global/DNS and .../SMB
2012-12-13 16:34:03 *Tunnelblick client.up.tunnelblick.sh: DEBUG:
2012-12-13 16:34:03 *Tunnelblick client.up.tunnelblick.sh: DEBUG: Configurations as read back after changes:
2012-12-13 16:34:03 *Tunnelblick client.up.tunnelblick.sh: DEBUG: State:/.../DNS = <dictionary> { DomainName : openvpn SearchDomains : <array> { openvpn } ServerAddresses : <array> { 10.4.0.1 } }
2012-12-13 16:34:03 *Tunnelblick client.up.tunnelblick.sh: DEBUG: State:/.../SMB = No such key
2012-12-13 16:34:03 *Tunnelblick client.up.tunnelblick.sh: DEBUG:
2012-12-13 16:34:03 *Tunnelblick client.up.tunnelblick.sh: DEBUG: Setup:/.../DNS = <dictionary> { DomainName : openvpn SearchDomains : <array> { openvpn } ServerAddresses : <array> { 10.4.0.1 } }
2012-12-13 16:34:04 *Tunnelblick client.up.tunnelblick.sh: DEBUG: Setup:/.../SMB = No such key
2012-12-13 16:34:04 *Tunnelblick client.up.tunnelblick.sh: DEBUG:
2012-12-13 16:34:04 *Tunnelblick client.up.tunnelblick.sh: DEBUG: State:/Network/Global/DNS = <dictionary> { DomainName : openvpn SearchDomains : <array> { openvpn } ServerAddresses : <array> { 10.4.0.1 } }
2012-12-13 16:34:04 *Tunnelblick client.up.tunnelblick.sh: DEBUG: State:/Network/Global/SMB = No such key
2012-12-13 16:34:04 *Tunnelblick client.up.tunnelblick.sh: DEBUG:
2012-12-13 16:34:04 *Tunnelblick client.up.tunnelblick.sh: DEBUG: Expected by process-network-changes:
2012-12-13 16:34:04 *Tunnelblick client.up.tunnelblick.sh: DEBUG: State:/Network/OpenVPN/DNS = <dictionary> { DomainName : openvpn SearchDomains : <array> { openvpn } ServerAddresses : <array> { 10.4.0.1 } }
2012-12-13 16:34:04 *Tunnelblick client.up.tunnelblick.sh: DEBUG: State:/Network/OpenVPN/SMB = <dictionary> { TunnelblickNoSuchKey : true }
2012-12-13 16:34:04 *Tunnelblick client.up.tunnelblick.sh: Saved the DNS and SMB configurations for later use
2012-12-13 16:34:04 /sbin/route add -net xxx.xxx.xxx.xxx 192.168.2.1 255.255.255.255
                                        add net xxx.xxx.xxx.xxx: gateway 192.168.2.1
2012-12-13 16:34:04 /sbin/route add -net 0.0.0.0 10.4.8.137 128.0.0.0
                                        add net 0.0.0.0: gateway 10.4.8.137
2012-12-13 16:34:04 /sbin/route add -net 128.0.0.0 10.4.8.137 128.0.0.0
                                        add net 128.0.0.0: gateway 10.4.8.137
2012-12-13 16:34:04 MANAGEMENT: >STATE:1355412844,ADD_ROUTES,,,
2012-12-13 16:34:04 /sbin/route add -net 10.4.0.1 10.4.8.137 255.255.255.255
                                        add net 10.4.0.1: gateway 10.4.8.137
2012-12-13 16:34:04 Initialization Sequence Completed
2012-12-13 16:34:04 MANAGEMENT: >STATE:1355412844,CONNECTED,SUCCESS,10.4.8.138,xxx.xxx.xxx.xxx
2012-12-13 16:34:04 *Tunnelblick: Flushed the DNS cache
[/code]

and finally 
OpenVPN log with pf enabled
[code]
2012-12-13 16:31:22 *Tunnelblick: OS X 10.8.2; Tunnelblick 3.3beta21a (build 3114.1)
2012-12-13 16:31:22 *Tunnelblick: Attempting connection with AirVPN SE Cygni - UDP 443; Set nameserver = 1; not monitoring connection
2012-12-13 16:31:22 *Tunnelblick: /Applications/Tunnelblick.app/Contents/Resources/openvpnstart start AirVPN\ SE\ Cygni\ -\ UDP\ 443.tblk 1342 1 0 0 1 49 -atADGNWradsgnw 
2012-12-13 16:31:22 *Tunnelblick: openvpnstart message: Loading tun.kext

OpenVPN started successfully. Command used to start OpenVPN (one argument per displayed line):

     /Applications/Tunnelblick.app/Contents/Resources/openvpn/openvpn-2.3-alpha1/openvpn
     --cd
     /Users/$username/Library/Application Support/Tunnelblick/Configurations/AirVPN SE Cygni - UDP 443.tblk/Contents/Resources
     --daemon
     --management
     127.0.0.1
     1342
     --config
     /Users/$username/Library/Application Support/Tunnelblick/Configurations/AirVPN SE Cygni - UDP 443.tblk/Contents/Resources/config.ovpn
     --log
     /Library/Application Support/Tunnelblick/Logs/-SUsers-S$username-SLibrary-SApplication Support-STunnelblick-SConfigurations-SAirVPN SE Cygni -- UDP 443.tblk-SContents-SResources-Sconfig.ovpn.1_0_0_1_49.1342.openvpn.log
     --management-query-passwords
     --management-hold
     --script-security
     2
     --up
     /Applications/Tunnelblick.app/Contents/Resources/client.up.tunnelblick.sh -w -d -atADGNWradsgnw
     --down
     /Applications/Tunnelblick.app/Contents/Resources/client.down.tunnelblick.sh -w -d -atADGNWradsgnw
     --up-restart
     --route-pre-down
     /Applications/Tunnelblick.app/Contents/Resources/client.route-pre-down.tunnelblick.sh -w -d -atADGNWradsgnw
2012-12-13 16:31:31 *Tunnelblick: Flushed the DNS cache

Staff

Hello!

Maybe a DHCP problem? Try to add the rules:

pass out quick on $eth_if from any to 255.255.255.255

pass out quick on $wifi_if from any to 255.255.255.255

just below the "block out all" rule.

Kind regards

InfiniteInt

Hello again,

First of all I want to thank you for the quick answer. I am afraid that the suggested solution haven't fixed my problem. After I added the broadcast IP the disconnect-procedure was a lot faster, but I can't reconnect, yet.

Staff

Hello again,
First of all I want to thank you for the quick answer. I am afraid that the suggested solution haven't fixed my problem. After I added the broadcast IP the disconnect-procedure was a lot faster, but I can't reconnect, yet.

Hello!

Can you please enable logging for the block rule and publish it?

Kind regards

InfiniteInt

Now I have a log file for the pflog0 interface. I tried to find the right message, but have failed. Tunnelblick connection was started around 9:41:15. Maybe someone can make sense out of it.

09:41:00.737137 rule 1/0(match): block out on en0: 192.168.2.2.57122 > 224.0.0.1.8612: UDP, length 16
09:41:01.086441 rule 4294967295/8(ip-option): pass in on en0: 192.168.2.1 > 224.0.0.1: igmp query v3
09:41:01.131835 rule 4294967295/8(ip-option): pass in on en1: 192.168.2.1 > 224.0.0.1: igmp query v3
09:41:01.186575 rule 1/0(match): block out on en0: 192.168.2.2.54625 > 173.194.70.139.443: Flags [S], seq 3990684218, win 65535, options [mss 1460,nop,wscale 4,nop,nop,TS val 1508243360 ecr 0,sackOK,eol], length 0
09:41:01.187540 rule 1/0(match): block out on en0: 192.168.2.2.54626 > 173.194.70.139.443: Flags [S], seq 923911364, win 65535, options [mss 1460,nop,wscale 4,nop,nop,TS val 1508243361 ecr 0,sackOK,eol], length 0
09:41:01.262005 rule 1/0(match): block out on en0: 192.168.2.2.54627 > 173.194.70.102.443: Flags [S], seq 3697764015, win 65535, options [mss 1460,nop,wscale 4,nop,nop,TS val 1508243435 ecr 0,sackOK,eol], length 0
09:41:01.262015 rule 1/0(match): block out on en0: 192.168.2.2.54628 > 173.194.70.102.443: Flags [S], seq 2480879896, win 65535, options [mss 1460,nop,wscale 4,nop,nop,TS val 1508243435 ecr 0,sackOK,eol], length 0
09:41:01.376849 rule 1/0(match): block out on en0: 192.168.2.2.54629 > 173.194.70.113.443: Flags [S], seq 807709, win 65535, options [mss 1460,nop,wscale 4,nop,nop,TS val 1508243549 ecr 0,sackOK,eol], length 0
09:41:01.376903 rule 1/0(match): block out on en0: 192.168.2.2.54630 > 173.194.70.113.443: Flags [S], seq 125407293, win 65535, options [mss 1460,nop,wscale 4,nop,nop,TS val 1508243549 ecr 0,sackOK,eol], length 0
09:41:01.578073 rule 1/0(match): block out on en0: 192.168.2.2.54632 > 173.194.70.138.443: Flags [S], seq 889987048, win 65535, options [mss 1460,nop,wscale 4,nop,nop,TS val 1508243750 ecr 0,sackOK,eol], length 0
09:41:01.578083 rule 1/0(match): block out on en0: 192.168.2.2.54631 > 173.194.70.138.443: Flags [S], seq 3317612756, win 65535, options [mss 1460,nop,wscale 4,nop,nop,TS val 1508243750 ecr 0,sackOK,eol], length 0
09:41:01.724944 rule 1/0(match): block out on en0: 192.168.2.2.54601 > 23.32.111.144.80: Flags [F.], seq 1968567721, ack 2959408712, win 8256, options [nop,nop,TS val 1508243896 ecr 622302391], length 0
09:41:01.724971 rule 1/0(match): block out on en0: 192.168.2.2.54502 > 192.168.2.11.50939: Flags [FP.], seq 2475676110:2475676706, ack 895507305, win 8192, options [nop,nop,TS val 1508243896 ecr 912981770], length 596
09:41:01.778485 rule 1/0(match): block out on en0: 192.168.2.2.54633 > 173.194.70.100.443: Flags [S], seq 619821404, win 65535, options [mss 1460,nop,wscale 4,nop,nop,TS val 1508243949 ecr 0,sackOK,eol], length 0
09:41:01.778501 rule 1/0(match): block out on en0: 192.168.2.2.54634 > 173.194.70.100.443: Flags [S], seq 3049343965, win 65535, options [mss 1460,nop,wscale 4,nop,nop,TS val 1508243949 ecr 0,sackOK,eol], length 0
09:41:01.979748 rule 1/0(match): block out on en0: 192.168.2.2.54635 > 173.194.70.101.443: Flags [S], seq 808927198, win 65535, options [mss 1460,nop,wscale 4,nop,nop,TS val 1508244149 ecr 0,sackOK,eol], length 0
09:41:01.979908 rule 1/0(match): block out on en0: 192.168.2.2.54636 > 173.194.70.101.443: Flags [S], seq 824490830, win 65535, options [mss 1460,nop,wscale 4,nop,nop,TS val 1508244149 ecr 0,sackOK,eol], length 0
09:41:02.225602 rule 1/0(match): block out on en0: 192.168.2.2.54626 > 173.194.70.139.443: Flags [S], seq 923911364, win 65535, options [mss 1460,nop,wscale 4,nop,nop,TS val 1508244393 ecr 0,sackOK,eol], length 0
09:41:02.225618 rule 1/0(match): block out on en0: 192.168.2.2.54625 > 173.194.70.139.443: Flags [S], seq 3990684218, win 65535, options [mss 1460,nop,wscale 4,nop,nop,TS val 1508244393 ecr 0,sackOK,eol], length 0
09:41:02.325787 rule 1/0(match): block out on en0: 192.168.2.2.54628 > 173.194.70.102.443: Flags [S], seq 2480879896, win 65535, options [mss 1460,nop,wscale 4,nop,nop,TS val 1508244493 ecr 0,sackOK,eol], length 0
09:41:02.325801 rule 1/0(match): block out on en0: 192.168.2.2.54627 > 173.194.70.102.443: Flags [S], seq 3697764015, win 65535, options [mss 1460,nop,wscale 4,nop,nop,TS val 1508244493 ecr 0,sackOK,eol], length 0
09:41:02.426033 rule 1/0(match): block out on en0: 192.168.2.2.54630 > 173.194.70.113.443: Flags [S], seq 125407293, win 65535, options [mss 1460,nop,wscale 4,nop,nop,TS val 1508244593 ecr 0,sackOK,eol], length 0
09:41:02.426050 rule 1/0(match): block out on en0: 192.168.2.2.54629 > 173.194.70.113.443: Flags [S], seq 807709, win 65535, options [mss 1460,nop,wscale 4,nop,nop,TS val 1508244593 ecr 0,sackOK,eol], length 0
09:41:02.426073 rule 1/0(match): block out on en0: 192.168.2.2.54603 > 23.32.111.144.80: Flags [F.], seq 1613176848, ack 2961217993, win 8257, options [nop,nop,TS val 1508244593 ecr 622280390], length 0
09:41:02.626281 rule 1/0(match): block out on en0: 192.168.2.2.54631 > 173.194.70.138.443: Flags [S], seq 3317612756, win 65535, options [mss 1460,nop,wscale 4,nop,nop,TS val 1508244792 ecr 0,sackOK,eol], length 0
09:41:02.626294 rule 1/0(match): block out on en0: 192.168.2.2.54632 > 173.194.70.138.443: Flags [S], seq 889987048, win 65535, options [mss 1460,nop,wscale 4,nop,nop,TS val 1508244792 ecr 0,sackOK,eol], length 0
09:41:02.826717 rule 1/0(match): block out on en0: 192.168.2.2.54634 > 173.194.70.100.443: Flags [S], seq 3049343965, win 65535, options [mss 1460,nop,wscale 4,nop,nop,TS val 1508244992 ecr 0,sackOK,eol], length 0
09:41:02.826727 rule 1/0(match): block out on en0: 192.168.2.2.54633 > 173.194.70.100.443: Flags [S], seq 619821404, win 65535, options [mss 1460,nop,wscale 4,nop,nop,TS val 1508244992 ecr 0,sackOK,eol], length 0
09:41:03.027643 rule 1/0(match): block out on en0: 192.168.2.2.54636 > 173.194.70.101.443: Flags [S], seq 824490830, win 65535, options [mss 1460,nop,wscale 4,nop,nop,TS val 1508245192 ecr 0,sackOK,eol], length 0
09:41:03.027659 rule 1/0(match): block out on en0: 192.168.2.2.54635 > 173.194.70.101.443: Flags [S], seq 808927198, win 65535, options [mss 1460,nop,wscale 4,nop,nop,TS val 1508245192 ecr 0,sackOK,eol], length 0
09:41:03.328334 rule 1/0(match): block out on en0: 192.168.2.2.54626 > 173.194.70.139.443: Flags [S], seq 923911364, win 65535, options [mss 1460,nop,wscale 4,nop,nop,TS val 1508245492 ecr 0,sackOK,eol], length 0
09:41:03.328350 rule 1/0(match): block out on en0: 192.168.2.2.54625 > 173.194.70.139.443: Flags [S], seq 3990684218, win 65535, options [mss 1460,nop,wscale 4,nop,nop,TS val 1508245492 ecr 0,sackOK,eol], length 0
09:41:03.328372 rule 1/0(match): block out on en0: 192.168.2.2.54608 > 23.32.111.144.80: Flags [F.], seq 2321464923, ack 2964801045, win 8254, options [nop,nop,TS val 1508245492 ecr 622281392], length 0
09:41:03.428582 rule 1/0(match): block out on en0: 192.168.2.2.54628 > 173.194.70.102.443: Flags [S], seq 2480879896, win 65535, options [mss 1460,nop,wscale 4,nop,nop,TS val 1508245592 ecr 0,sackOK,eol], length 0
09:41:03.428597 rule 1/0(match): block out on en0: 192.168.2.2.54627 > 173.194.70.102.443: Flags [S], seq 3697764015, win 65535, options [mss 1460,nop,wscale 4,nop,nop,TS val 1508245592 ecr 0,sackOK,eol], length 0
09:41:03.528663 rule 1/0(match): block out on en0: 192.168.2.2.54630 > 173.194.70.113.443: Flags [S], seq 125407293, win 65535, options [mss 1460,nop,wscale 4,nop,nop,TS val 1508245692 ecr 0,sackOK,eol], length 0
09:41:03.528679 rule 1/0(match): block out on en0: 192.168.2.2.54629 > 173.194.70.113.443: Flags [S], seq 807709, win 65535, options [mss 1460,nop,wscale 4,nop,nop,TS val 1508245692 ecr 0,sackOK,eol], length 0
09:41:03.569069 rule 1/0(match): block out on en0: 192.168.2.2.54616 > 23.32.111.144.443: Flags [F.], seq 180544821, ack 2152754552, win 8192, options [nop,nop,TS val 1508245732 ecr 1233899633], length 0
09:41:03.629184 rule 1/0(match): block out on en0: 192.168.2.2.54631 > 173.194.70.138.443: Flags [S], seq 3317612756, win 65535, options [mss 1460,nop,wscale 4,nop,nop,TS val 1508245792 ecr 0,sackOK,eol], length 0
09:41:03.629197 rule 1/0(match): block out on en0: 192.168.2.2.54632 > 173.194.70.138.443: Flags [S], seq 889987048, win 65535, options [mss 1460,nop,wscale 4,nop,nop,TS val 1508245792 ecr 0,sackOK,eol], length 0
09:41:03.830083 rule 1/0(match): block out on en0: 192.168.2.2.54634 > 173.194.70.100.443: Flags [S], seq 3049343965, win 65535, options [mss 1460,nop,wscale 4,nop,nop,TS val 1508245992 ecr 0,sackOK,eol], length 0
09:41:03.830096 rule 1/0(match): block out on en0: 192.168.2.2.54633 > 173.194.70.100.443: Flags [S], seq 619821404, win 65535, options [mss 1460,nop,wscale 4,nop,nop,TS val 1508245992 ecr 0,sackOK,eol], length 0
09:41:03.930367 rule 1/0(match): block out on en0: 192.168.2.2.54616 > 23.32.111.144.443: Flags [F.], seq 0, ack 1, win 8192, options [nop,nop,TS val 1508246092 ecr 1233899633], length 0
09:41:04.030455 rule 1/0(match): block out on en0: 192.168.2.2.54636 > 173.194.70.101.443: Flags [S], seq 824490830, win 65535, options [mss 1460,nop,wscale 4,nop,nop,TS val 1508246192 ecr 0,sackOK,eol], length 0
09:41:04.030466 rule 1/0(match): block out on en0: 192.168.2.2.54635 > 173.194.70.101.443: Flags [S], seq 808927198, win 65535, options [mss 1460,nop,wscale 4,nop,nop,TS val 1508246192 ecr 0,sackOK,eol], length 0
09:41:04.070814 rule 1/0(match): block out on en0: 192.168.2.2.54502 > 192.168.2.11.50939: Flags [F.], seq 596, ack 1, win 8192, options [nop,nop,TS val 1508246231 ecr 912981770], length 0
09:41:04.306370 rule 4294967295/8(ip-option): pass in on en1: 192.168.2.202 > 239.255.255.250: igmp v2 report 239.255.255.250
09:41:04.431447 rule 1/0(match): block out on en0: 192.168.2.2.54626 > 173.194.70.139.443: Flags [S], seq 923911364, win 65535, options [mss 1460,nop,wscale 4,nop,nop,TS val 1508246590 ecr 0,sackOK,eol], length 0
09:41:04.431461 rule 1/0(match): block out on en0: 192.168.2.2.54625 > 173.194.70.139.443: Flags [S], seq 3990684218, win 65535, options [mss 1460,nop,wscale 4,nop,nop,TS val 1508246590 ecr 0,sackOK,eol], length 0
09:41:04.431471 rule 1/0(match): block out on en0: 192.168.2.2.54616 > 23.32.111.144.443: Flags [F.], seq 0, ack 1, win 8192, options [nop,nop,TS val 1508246590 ecr 1233899633], length 0
09:41:04.532303 rule 1/0(match): block out on en0: 192.168.2.2.54628 > 173.194.70.102.443: Flags [S], seq 2480879896, win 65535, options [mss 1460,nop,wscale 4,nop,nop,TS val 1508246690 ecr 0,sackOK,eol], length 0
09:41:04.532319 rule 1/0(match): block out on en0: 192.168.2.2.54627 > 173.194.70.102.443: Flags [S], seq 3697764015, win 65535, options [mss 1460,nop,wscale 4,nop,nop,TS val 1508246690 ecr 0,sackOK,eol], length 0
09:41:04.568797 rule 1/0(match): block out on en0: 192.168.2.2.54597 > 173.194.70.139.80: Flags [F.], seq 4457210, ack 2006856023, win 8218, options [nop,nop,TS val 1508246725 ecr 321546170], length 0
09:41:04.632509 rule 1/0(match): block out on en0: 192.168.2.2.54630 > 173.194.70.113.443: Flags [S], seq 125407293, win 65535, options [mss 1460,nop,wscale 4,nop,nop,TS val 1508246788 ecr 0,sackOK,eol], length 0
09:41:04.632524 rule 1/0(match): block out on en0: 192.168.2.2.54629 > 173.194.70.113.443: Flags [S], seq 807709, win 65535, options [mss 1460,nop,wscale 4,nop,nop,TS val 1508246788 ecr 0,sackOK,eol], length 0
09:41:04.733073 rule 1/0(match): block out on en0: 192.168.2.2.54631 > 173.194.70.138.443: Flags [S], seq 3317612756, win 65535, options [mss 1460,nop,wscale 4,nop,nop,TS val 1508246888 ecr 0,sackOK,eol], length 0
09:41:04.733088 rule 1/0(match): block out on en0: 192.168.2.2.54632 > 173.194.70.138.443: Flags [S], seq 889987048, win 65535, options [mss 1460,nop,wscale 4,nop,nop,TS val 1508246888 ecr 0,sackOK,eol], length 0
09:41:04.933677 rule 1/0(match): block out on en0: 192.168.2.2.54634 > 173.194.70.100.443: Flags [S], seq 3049343965, win 65535, options [mss 1460,nop,wscale 4,nop,nop,TS val 1508247088 ecr 0,sackOK,eol], length 0
09:41:04.933693 rule 1/0(match): block out on en0: 192.168.2.2.54633 > 173.194.70.100.443: Flags [S], seq 619821404, win 65535, options [mss 1460,nop,wscale 4,nop,nop,TS val 1508247088 ecr 0,sackOK,eol], length 0
09:41:04.933707 rule 1/0(match): block out on en0: 192.168.2.2.54597 > 173.194.70.139.80: Flags [F.], seq 0, ack 1, win 8218, options [nop,nop,TS val 1508247088 ecr 321546170], length 0
09:41:05.134513 rule 1/0(match): block out on en0: 192.168.2.2.54636 > 173.194.70.101.443: Flags [S], seq 824490830, win 65535, options [mss 1460,nop,wscale 4,nop,nop,TS val 1508247288 ecr 0,sackOK,eol], length 0
09:41:05.134527 rule 1/0(match): block out on en0: 192.168.2.2.54635 > 173.194.70.101.443: Flags [S], seq 808927198, win 65535, options [mss 1460,nop,wscale 4,nop,nop,TS val 1508247288 ecr 0,sackOK,eol], length 0
09:41:05.234599 rule 1/0(match): block out on en0: 192.168.2.2.54616 > 23.32.111.144.443: Flags [F.], seq 0, ack 1, win 8192, options [nop,nop,TS val 1508247388 ecr 1233899633], length 0
09:41:05.334724 rule 1/0(match): block out on en0: 192.168.2.2.54597 > 173.194.70.139.80: Flags [F.], seq 0, ack 1, win 8218, options [nop,nop,TS val 1508247488 ecr 321546170], length 0
09:41:05.534933 rule 1/0(match): block out on en0: 192.168.2.2.54626 > 173.194.70.139.443: Flags [S], seq 923911364, win 65535, options [mss 1460,nop,wscale 4,nop,nop,TS val 1508247687 ecr 0,sackOK,eol], length 0
09:41:05.534950 rule 1/0(match): block out on en0: 192.168.2.2.54625 > 173.194.70.139.443: Flags [S], seq 3990684218, win 65535, options [mss 1460,nop,wscale 4,nop,nop,TS val 1508247687 ecr 0,sackOK,eol], length 0
09:41:05.569878 rule 1/0(match): block out on en0: 192.168.2.2.54607 > 173.252.101.26.80: Flags [F.], seq 1199200623, ack 3276503472, win 8192, options [nop,nop,TS val 1508247722 ecr 4212799602], length 0
09:41:05.635027 rule 1/0(match): block out on en0: 192.168.2.2.54628 > 173.194.70.102.443: Flags [S], seq 2480879896, win 65535, options [mss 1460,nop,wscale 4,nop,nop,TS val 1508247787 ecr 0,sackOK,eol], length 0
09:41:05.635043 rule 1/0(match): block out on en0: 192.168.2.2.54627 > 173.194.70.102.443: Flags [S], seq 3697764015, win 65535, options [mss 1460,nop,wscale 4,nop,nop,TS val 1508247787 ecr 0,sackOK,eol], length 0
09:41:05.735192 rule 1/0(match): block out on en0: 192.168.2.2.54630 > 173.194.70.113.443: Flags [S], seq 125407293, win 65535, options [mss 1460,nop,wscale 4,nop,nop,TS val 1508247887 ecr 0,sackOK,eol], length 0
09:41:05.735209 rule 1/0(match): block out on en0: 192.168.2.2.54629 > 173.194.70.113.443: Flags [S], seq 807709, win 65535, options [mss 1460,nop,wscale 4,nop,nop,TS val 1508247887 ecr 0,sackOK,eol], length 0
09:41:05.835606 rule 1/0(match): block out on en0: 192.168.2.2.54631 > 173.194.70.138.443: Flags [S], seq 3317612756, win 65535, options [mss 1460,nop,wscale 4,nop,nop,TS val 1508247987 ecr 0,sackOK,eol], length 0
09:41:05.835623 rule 1/0(match): block out on en0: 192.168.2.2.54632 > 173.194.70.138.443: Flags [S], seq 889987048, win 65535, options [mss 1460,nop,wscale 4,nop,nop,TS val 1508247987 ecr 0,sackOK,eol], length 0
09:41:05.935798 rule 1/0(match): block out on en0: 192.168.2.2.54597 > 173.194.70.139.80: Flags [F.], seq 0, ack 1, win 8218, options [nop,nop,TS val 1508248087 ecr 321546170], length 0
09:41:06.035946 rule 1/0(match): block out on en0: 192.168.2.2.54634 > 173.194.70.100.443: Flags [S], seq 3049343965, win 65535, options [mss 1460,nop,wscale 4,nop,nop,TS val 1508248186 ecr 0,sackOK,eol], length 0
09:41:06.035964 rule 1/0(match): block out on en0: 192.168.2.2.54633 > 173.194.70.100.443: Flags [S], seq 619821404, win 65535, options [mss 1460,nop,wscale 4,nop,nop,TS val 1508248186 ecr 0,sackOK,eol], length 0
09:41:06.136447 rule 1/0(match): block out on en0: 192.168.2.2.54607 > 173.252.101.26.80: Flags [F.], seq 0, ack 1, win 8192, options [nop,nop,TS val 1508248286 ecr 4212799602], length 0
09:41:06.236539 rule 1/0(match): block out on en0: 192.168.2.2.54636 > 173.194.70.101.443: Flags [S], seq 824490830, win 65535, options [mss 1460,nop,wscale 4,nop,nop,TS val 1508248386 ecr 0,sackOK,eol], length 0
09:41:06.236558 rule 1/0(match): block out on en0: 192.168.2.2.54635 > 173.194.70.101.443: Flags [S], seq 808927198, win 65535, options [mss 1460,nop,wscale 4,nop,nop,TS val 1508248386 ecr 0,sackOK,eol], length 0
09:41:06.637348 rule 1/0(match): block out on en0: 192.168.2.2.54626 > 173.194.70.139.443: Flags [S], seq 923911364, win 65535, options [mss 1460,nop,wscale 4,nop,nop,TS val 1508248785 ecr 0,sackOK,eol], length 0
09:41:06.637365 rule 1/0(match): block out on en0: 192.168.2.2.54625 > 173.194.70.139.443: Flags [S], seq 3990684218, win 65535, options [mss 1460,nop,wscale 4,nop,nop,TS val 1508248785 ecr 0,sackOK,eol], length 0
09:41:06.637382 rule 1/0(match): block out on en0: 192.168.2.2.54616 > 23.32.111.144.443: Flags [F.], seq 0, ack 1, win 8192, options [nop,nop,TS val 1508248785 ecr 1233899633], length 0
09:41:06.737482 rule 1/0(match): block out on en0: 192.168.2.2.54628 > 173.194.70.102.443: Flags [S], seq 2480879896, win 65535, options [mss 1460,nop,wscale 4,nop,nop,TS val 1508248885 ecr 0,sackOK,eol], length 0
09:41:06.737498 rule 1/0(match): block out on en0: 192.168.2.2.54627 > 173.194.70.102.443: Flags [S], seq 3697764015, win 65535, options [mss 1460,nop,wscale 4,nop,nop,TS val 1508248885 ecr 0,sackOK,eol], length 0
09:41:06.837871 rule 1/0(match): block out on en0: 192.168.2.2.54630 > 173.194.70.113.443: Flags [S], seq 125407293, win 65535, options [mss 1460,nop,wscale 4,nop,nop,TS val 1508248985 ecr 0,sackOK,eol], length 0
09:41:06.837887 rule 1/0(match): block out on en0: 192.168.2.2.54629 > 173.194.70.113.443: Flags [S], seq 807709, win 65535, options [mss 1460,nop,wscale 4,nop,nop,TS val 1508248985 ecr 0,sackOK,eol], length 0
09:41:06.938036 rule 1/0(match): block out on en0: 192.168.2.2.54631 > 173.194.70.138.443: Flags [S], seq 3317612756, win 65535, options [mss 1460,nop,wscale 4,nop,nop,TS val 1508249085 ecr 0,sackOK,eol], length 0
09:41:06.938052 rule 1/0(match): block out on en0: 192.168.2.2.54632 > 173.194.70.138.443: Flags [S], seq 889987048, win 65535, options [mss 1460,nop,wscale 4,nop,nop,TS val 1508249085 ecr 0,sackOK,eol], length 0
09:41:06.938070 rule 1/0(match): block out on en0: 192.168.2.2.54597 > 173.194.70.139.80: Flags [F.], seq 0, ack 1, win 8218, options [nop,nop,TS val 1508249085 ecr 321546170], length 0
09:41:07.038546 rule 1/0(match): block out on en0: 192.168.2.2.54607 > 173.252.101.26.80: Flags [F.], seq 0, ack 1, win 8192, options [nop,nop,TS val 1508249184 ecr 4212799602], length 0
09:41:07.139080 rule 1/0(match): block out on en0: 192.168.2.2.54634 > 173.194.70.100.443: Flags [S], seq 3049343965, win 65535, options [mss 1460,nop,wscale 4,nop,nop,TS val 1508249284 ecr 0,sackOK,eol], length 0
09:41:07.139103 rule 1/0(match): block out on en0: 192.168.2.2.54633 > 173.194.70.100.443: Flags [S], seq 619821404, win 65535, options [mss 1460,nop,wscale 4,nop,nop,TS val 1508249284 ecr 0,sackOK,eol], length 0
09:41:07.340218 rule 1/0(match): block out on en0: 192.168.2.2.54636 > 173.194.70.101.443: Flags [S], seq 824490830, win 65535, options [mss 1460,nop,wscale 4,nop,nop,TS val 1508249484 ecr 0,sackOK,eol], length 0
09:41:07.340242 rule 1/0(match): block out on en0: 192.168.2.2.54635 > 173.194.70.101.443: Flags [S], seq 808927198, win 65535, options [mss 1460,nop,wscale 4,nop,nop,TS val 1508249484 ecr 0,sackOK,eol], length 0
09:41:07.424906 rule 1/0(match): block out on en0: 192.168.2.2.54542 > 173.194.70.102.443: Flags [P.], seq 1497353:1497390, ack 4013659436, win 8192, options [nop,nop,TS val 1508249568 ecr 315592809], length 37
09:41:07.841941 rule 1/0(match): block out on en0: 192.168.2.2.54542 > 173.194.70.102.443: Flags [P.], seq 0:37, ack 1, win 8192, options [nop,nop,TS val 1508249982 ecr 315592809], length 37
09:41:08.197840 rule 4294967295/8(ip-option): pass in on en1: 192.168.2.101 > 224.0.0.22: igmp v3 report, 1 group record(s)
09:41:08.344613 rule 1/0(match): block out on en0: 192.168.2.2.54542 > 173.194.70.102.443: Flags [P.], seq 0:37, ack 1, win 8192, options [nop,nop,TS val 1508250483 ecr 315592809], length 37
09:41:08.444906 rule 1/0(match): block out on en0: 192.168.2.2.54502 > 192.168.2.11.50939: Flags [R.], seq 597, ack 1, win 8192, length 0
09:41:08.544974 rule 1/0(match): block out on en0: 192.168.2.2.54607 > 173.252.101.26.80: Flags [F.], seq 0, ack 1, win 8192, options [nop,nop,TS val 1508250682 ecr 4212799602], length 0
09:41:08.645166 rule 1/0(match): block out on en0: 192.168.2.2.54597 > 173.194.70.139.80: Flags [F.], seq 0, ack 1, win 8218, options [nop,nop,TS val 1508250782 ecr 321546170], length 0
09:41:08.745558 rule 1/0(match): block out on en0: 192.168.2.2.54626 > 173.194.70.139.443: Flags [S], seq 923911364, win 65535, options [mss 1460,nop,wscale 4,nop,nop,TS val 1508250882 ecr 0,sackOK,eol], length 0
09:41:08.745573 rule 1/0(match): block out on en0: 192.168.2.2.54625 > 173.194.70.139.443: Flags [S], seq 3990684218, win 65535, options [mss 1460,nop,wscale 4,nop,nop,TS val 1508250882 ecr 0,sackOK,eol], length 0
09:41:08.827527 rule 1/0(match): block out on en0: 192.168.2.2.51091 > 224.0.0.1.8612: UDP, length 16
09:41:08.845726 rule 1/0(match): block out on en0: 192.168.2.2.54628 > 173.194.70.102.443: Flags [S], seq 2480879896, win 65535, options [mss 1460,nop,wscale 4,nop,nop,TS val 1508250981 ecr 0,sackOK,eol], length 0
09:41:08.845745 rule 1/0(match): block out on en0: 192.168.2.2.54627 > 173.194.70.102.443: Flags [S], seq 3697764015, win 65535, options [mss 1460,nop,wscale 4,nop,nop,TS val 1508250981 ecr 0,sackOK,eol], length 0
09:41:08.945889 rule 1/0(match): block out on en0: 192.168.2.2.54630 > 173.194.70.113.443: Flags [S], seq 125407293, win 65535, options [mss 1460,nop,wscale 4,nop,nop,TS val 1508251081 ecr 0,sackOK,eol], length 0
09:41:08.945908 rule 1/0(match): block out on en0: 192.168.2.2.54629 > 173.194.70.113.443: Flags [S], seq 807709, win 65535, options [mss 1460,nop,wscale 4,nop,nop,TS val 1508251081 ecr 0,sackOK,eol], length 0
09:41:09.046039 rule 1/0(match): block out on en0: 192.168.2.2.54631 > 173.194.70.138.443: Flags [S], seq 3317612756, win 65535, options [mss 1460,nop,wscale 4,nop,nop,TS val 1508251180 ecr 0,sackOK,eol], length 0
09:41:09.046057 rule 1/0(match): block out on en0: 192.168.2.2.54632 > 173.194.70.138.443: Flags [S], seq 889987048, win 65535, options [mss 1460,nop,wscale 4,nop,nop,TS val 1508251180 ecr 0,sackOK,eol], length 0
09:41:09.146195 rule 1/0(match): block out on en0: 192.168.2.2.54616 > 23.32.111.144.443: Flags [F.], seq 0, ack 1, win 8192, options [nop,nop,TS val 1508251280 ecr 1233899633], length 0
09:41:09.146212 rule 1/0(match): block out on en0: 192.168.2.2.54542 > 173.194.70.102.443: Flags [P.], seq 0:37, ack 1, win 8192, options [nop,nop,TS val 1508251280 ecr 315592809], length 37
09:41:09.246411 rule 1/0(match): block out on en0: 192.168.2.2.54634 > 173.194.70.100.443: Flags [S], seq 3049343965, win 65535, options [mss 1460,nop,wscale 4,nop,nop,TS val 1508251380 ecr 0,sackOK,eol], length 0
09:41:09.246429 rule 1/0(match): block out on en0: 192.168.2.2.54633 > 173.194.70.100.443: Flags [S], seq 619821404, win 65535, options [mss 1460,nop,wscale 4,nop,nop,TS val 1508251380 ecr 0,sackOK,eol], length 0
09:41:09.346979 rule 1/0(match): block out on en0: 192.168.2.2.54486 > 173.194.70.95.443: Flags [R.], seq 470732930, ack 4272459451, win 10319, length 0
09:41:09.447136 rule 1/0(match): block out on en0: 192.168.2.2.54636 > 173.194.70.101.443: Flags [S], seq 824490830, win 65535, options [mss 1460,nop,wscale 4,nop,nop,TS val 1508251580 ecr 0,sackOK,eol], length 0
09:41:09.447155 rule 1/0(match): block out on en0: 192.168.2.2.54635 > 173.194.70.101.443: Flags [S], seq 808927198, win 65535, options [mss 1460,nop,wscale 4,nop,nop,TS val 1508251580 ecr 0,sackOK,eol], length 0
09:41:09.816896 rule 1/0(match): block out on en0: 192.168.2.2.123 > 17.72.255.12.123: NTPv4, Client, length 48
09:41:09.822119 rule 1/0(match): block out on en0: 192.168.2.2.54607 > 173.252.101.26.80: Flags [F.], seq 0, ack 2, win 8192, options [nop,nop,TS val 1508251953 ecr 4212919604], length 0
09:41:09.948478 rule 1/0(match): block out on en0: 192.168.2.2.54601 > 23.32.111.144.80: Flags [F.], seq 0, ack 1, win 8256, options [nop,nop,TS val 1508252078 ecr 622302391], length 0
09:41:10.181520 rule 1/0(match): block out on en0: 192.168.2.2.54607 > 173.252.101.26.80: Flags [F.], seq 0, ack 2, win 8192, options [nop,nop,TS val 1508252309 ecr 4212919604], length 0
09:41:10.349549 rule 1/0(match): block out on en0: 192.168.2.2.54603 > 23.32.111.144.80: Flags [F.], seq 0, ack 1, win 8257, options [nop,nop,TS val 1508252476 ecr 622280390], length 0
09:41:10.449906 rule 1/0(match): block out on en0: 192.168.2.2.54542 > 173.194.70.102.443: Flags [P.], seq 0:37, ack 1, win 8192, options [nop,nop,TS val 1508252576 ecr 315592809], length 37
09:41:10.902234 rule 1/0(match): block out on en0: 192.168.2.2.54607 > 173.252.101.26.80: Flags [F.], seq 0, ack 2, win 8192, options [nop,nop,TS val 1508253027 ecr 4212919604], length 0
09:41:10.952378 rule 1/0(match): block out on en0: 192.168.2.2.54597 > 173.194.70.139.80: Flags [F.], seq 0, ack 1, win 8218, options [nop,nop,TS val 1508253077 ecr 321546170], length 0
09:41:11.126392 rule 4294967295/8(ip-option): pass in on en0: 192.168.2.202 > 224.0.0.251: igmp v2 report 224.0.0.251
09:41:11.167500 rule 4294967295/8(ip-option): pass in on en1: 192.168.2.202 > 224.0.0.251: igmp v2 report 224.0.0.251
09:41:11.253699 rule 1/0(match): block out on en0: 192.168.2.2.54608 > 23.32.111.144.80: Flags [F.], seq 0, ack 1, win 8254, options [nop,nop,TS val 1508253376 ecr 622281392], length 0
09:41:12.255141 rule 1/0(match): block out on en0: 192.168.2.2.54616 > 23.32.111.144.443: Flags [F.], seq 0, ack 1, win 8192, options [nop,nop,TS val 1508254374 ecr 1233899633], length 0
09:41:12.342837 rule 1/0(match): block out on en0: 192.168.2.2.54607 > 173.252.101.26.80: Flags [F.], seq 0, ack 2, win 8192, options [nop,nop,TS val 1508254461 ecr 4212919604], length 0
09:41:12.856311 rule 1/0(match): block out on en0: 192.168.2.2.54626 > 173.194.70.139.443: Flags [S], seq 923911364, win 65535, options [mss 1460,sackOK,eol], length 0
09:41:12.856330 rule 1/0(match): block out on en0: 192.168.2.2.54625 > 173.194.70.139.443: Flags [S], seq 3990684218, win 65535, options [mss 1460,sackOK,eol], length 0
09:41:12.856348 rule 1/0(match): block out on en0: 192.168.2.2.54607 > 173.252.101.26.80: Flags [F.], seq 0, ack 2, win 8192, options [nop,nop,TS val 1508254972 ecr 4212919604], length 0
09:41:12.856367 rule 1/0(match): block out on en0: 192.168.2.2.54542 > 173.194.70.102.443: Flags [P.], seq 0:37, ack 1, win 8192, options [nop,nop,TS val 1508254972 ecr 315592809], length 37
09:41:12.956652 rule 1/0(match): block out on en0: 192.168.2.2.54628 > 173.194.70.102.443: Flags [S], seq 2480879896, win 65535, options [mss 1460,sackOK,eol], length 0
09:41:12.956670 rule 1/0(match): block out on en0: 192.168.2.2.54627 > 173.194.70.102.443: Flags [S], seq 3697764015, win 65535, options [mss 1460,sackOK,eol], length 0
09:41:13.056994 rule 1/0(match): block out on en0: 192.168.2.2.54630 > 173.194.70.113.443: Flags [S], seq 125407293, win 65535, options [mss 1460,sackOK,eol], length 0
09:41:13.057013 rule 1/0(match): block out on en0: 192.168.2.2.54629 > 173.194.70.113.443: Flags [S], seq 807709, win 65535, options [mss 1460,sackOK,eol], length 0
09:41:13.157663 rule 1/0(match): block out on en0: 192.168.2.2.54631 > 173.194.70.138.443: Flags [S], seq 3317612756, win 65535, options [mss 1460,sackOK,eol], length 0
09:41:13.157677 rule 1/0(match): block out on en0: 192.168.2.2.54632 > 173.194.70.138.443: Flags [S], seq 889987048, win 65535, options [mss 1460,sackOK,eol], length 0
09:41:13.358276 rule 1/0(match): block out on en0: 192.168.2.2.54634 > 173.194.70.100.443: Flags [S], seq 3049343965, win 65535, options [mss 1460,sackOK,eol], length 0
09:41:13.358296 rule 1/0(match): block out on en0: 192.168.2.2.54633 > 173.194.70.100.443: Flags [S], seq 619821404, win 65535, options [mss 1460,sackOK,eol], length 0
09:41:13.558642 rule 1/0(match): block out on en0: 192.168.2.2.54636 > 173.194.70.101.443: Flags [S], seq 824490830, win 65535, options [mss 1460,sackOK,eol], length 0
09:41:13.558661 rule 1/0(match): block out on en0: 192.168.2.2.54635 > 173.194.70.101.443: Flags [S], seq 808927198, win 65535, options [mss 1460,sackOK,eol], length 0
09:41:15.217880 rule 1/0(match): block out on en0: 192.168.2.2.54607 > 173.252.101.26.80: Flags [F.], seq 0, ack 2, win 8192, options [nop,nop,TS val 1508257322 ecr 4212919604], length 0
09:41:15.264525 rule 1/0(match): block out on en0: 192.168.2.2.54597 > 173.194.70.139.80: Flags [F.], seq 0, ack 1, win 8218, options [nop,nop,TS val 1508257368 ecr 321546170], length 0
09:41:15.428191 rule 1/0(match): block out on en0: 192.168.2.2.54542 > 173.194.70.102.443: Flags [P.], seq 37:64, ack 1, win 8192, options [nop,nop,TS val 1508257531 ecr 315592809], length 27
09:41:15.428207 rule 1/0(match): block out on en0: 192.168.2.2.54542 > 173.194.70.102.443: Flags [F.], seq 64, ack 1, win 8192, options [nop,nop,TS val 1508257531 ecr 315592809], length 0
09:41:15.657135 rule 1/0(match): block out on lo0: 127.0.0.1.1348 > 127.0.0.1.54637: Flags [S.], seq 331329847, ack 3348569037, win 65535, options [mss 16344,nop,wscale 4,nop,nop,TS val 1508257756 ecr 1508257756,sackOK,eol], length 0
09:41:15.765391 rule 1/0(match): block out on lo0: 127.0.0.1.1348 > 127.0.0.1.54637: Flags [S.], seq 331329847, ack 3348569037, win 65535, options [mss 16344,nop,wscale 4,nop,nop,TS val 1508257864 ecr 1508257756,sackOK,eol], length 0
09:41:15.765462 rule 1/0(match): block out on lo0: 127.0.0.1.1348 > 127.0.0.1.54637: Flags [.], ack 1, win 65535, options [nop,nop,TS val 1508257864 ecr 1508257864], length 0
09:41:15.865581 rule 1/0(match): block out on lo0: 127.0.0.1.1348 > 127.0.0.1.54637: Flags [.], ack 1, win 65535, options [nop,nop,TS val 1508257964 ecr 1508257964], length 0
09:41:15.965652 rule 1/0(match): block out on lo0: 127.0.0.1.1348 > 127.0.0.1.54637: Flags [S.], seq 331329847, ack 3348569037, win 65535, options [mss 16344,nop,wscale 4,nop,nop,TS val 1508258064 ecr 1508257964,sackOK,eol], length 0
09:41:15.965725 rule 1/0(match): block out on lo0: 127.0.0.1.1348 > 127.0.0.1.54637: Flags [.], ack 1, win 65535, options [nop,nop,TS val 1508258064 ecr 1508258064], length 0
09:41:16.066242 rule 1/0(match): block out on lo0: 127.0.0.1.1348 > 127.0.0.1.54637: Flags [.], ack 1, win 65535, options [nop,nop,TS val 1508258164 ecr 1508258164], length 0
09:41:16.166508 rule 1/0(match): block out on lo0: 127.0.0.1.1348 > 127.0.0.1.54637: Flags [.], ack 1, win 65535, options [nop,nop,TS val 1508258264 ecr 1508258264], length 0
09:41:16.266757 rule 1/0(match): block out on en0: 192.168.2.2.54542 > 173.194.70.102.443: Flags [FP.], seq 0:64, ack 1, win 8192, options [nop,nop,TS val 1508258364 ecr 315592809], length 64
09:41:16.266767 rule 1/0(match): block out on lo0: 127.0.0.1.1348 > 127.0.0.1.54637: Flags [.], ack 1, win 65535, options [nop,nop,TS val 1508258364 ecr 1508258364], length 0
09:41:16.367100 rule 1/0(match): block out on lo0: 127.0.0.1.1348 > 127.0.0.1.54637: Flags [S.], seq 331329847, ack 3348569037, win 65535, options [mss 16344,nop,wscale 4,nop,nop,TS val 1508258464 ecr 1508258364,sackOK,eol], length 0
09:41:16.467542 rule 1/0(match): block out on lo0: 127.0.0.1.1348 > 127.0.0.1.54637: Flags [.], ack 1, win 65535, options [nop,nop,TS val 1508258564 ecr 1508258364], length 0
09:41:16.768118 rule 1/0(match): block out on lo0: 127.0.0.1.1348 > 127.0.0.1.54637: Flags [.], ack 1, win 65535, options [nop,nop,TS val 1508258863 ecr 1508258364], length 0
09:41:16.919510 rule 1/0(match): block out on en0: 192.168.2.2.63270 > 224.0.0.1.8612: UDP, length 16
09:41:17.269411 rule 1/0(match): block out on lo0: 127.0.0.1.1348 > 127.0.0.1.54637: Flags [S.], seq 331329847, ack 3348569037, win 65535, options [mss 16344,nop,wscale 4,nop,nop,TS val 1508259363 ecr 1508258364,sackOK,eol], length 0
09:41:17.269476 rule 1/0(match): block out on lo0: 127.0.0.1.1348 > 127.0.0.1.54637: Flags [.], ack 1, win 65535, options [nop,nop,TS val 1508259363 ecr 1508258364], length 0
09:41:17.972033 rule 1/0(match): block out on en0: 192.168.2.2.54607 > 173.252.101.26.80: Flags [F.], seq 0, ack 2, win 8192, options [nop,nop,TS val 1508260062 ecr 4212919604], length 0
09:41:18.173266 rule 1/0(match): block out on en0: 192.168.2.2.54601 > 23.32.111.144.80: Flags [F.], seq 0, ack 1, win 8256, options [nop,nop,TS val 1508260262 ecr 622302391], length 0
09:41:18.273883 rule 1/0(match): block out on en0: 192.168.2.2.54616 > 23.32.111.144.443: Flags [F.], seq 0, ack 1, win 8192, options [nop,nop,TS val 1508260362 ecr 1233899633], length 0
09:41:18.273894 rule 1/0(match): block out on lo0: 127.0.0.1.1348 > 127.0.0.1.54637: Flags [.], ack 1, win 65535, options [nop,nop,TS val 1508260362 ecr 1508258364], length 0
09:41:18.273902 rule 1/0(match): block out on en0: 192.168.2.2.54603 > 23.32.111.144.80: Flags [F.], seq 0, ack 1, win 8257, options [nop,nop,TS val 1508260362 ecr 622280390], length 0
09:41:18.974771 rule 1/0(match): block out on lo0: 127.0.0.1.1348 > 127.0.0.1.54637: Flags [S.], seq 331329847, ack 3348569037, win 65535, options [mss 16344,nop,wscale 4,nop,nop,TS val 1508261061 ecr 1508258364,sackOK,eol], length 0
09:41:19.174945 rule 1/0(match): block out on en0: 192.168.2.2.54608 > 23.32.111.144.80: Flags [F.], seq 0, ack 1, win 8254, options [nop,nop,TS val 1508261260 ecr 622281392], length 0
09:41:19.576077 rule 1/0(match): block out on en0: 192.168.2.2.54597 > 173.194.70.139.80: Flags [F.], seq 0, ack 1, win 8218, options [nop,nop,TS val 1508261659 ecr 321546170], length 0
09:41:20.277947 rule 1/0(match): block out on lo0: 127.0.0.1.1348 > 127.0.0.1.54637: Flags [.], ack 1, win 65535, options [nop,nop,TS val 1508262358 ecr 1508258364], length 0
09:41:20.970020 rule 1/0(match): block out on en0: 192.168.2.2.54607 > 173.252.101.26.80: Flags [F.], seq 0, ack 2, win 8192, options [nop,nop,TS val 1508263048 ecr 4212919604], length 0
09:41:20.979853 rule 1/0(match): block out on en0: 192.168.2.2.54626 > 173.194.70.139.443: Flags [S], seq 923911364, win 65535, options [mss 1460,sackOK,eol], length 0
09:41:20.979871 rule 1/0(match): block out on en0: 192.168.2.2.54625 > 173.194.70.139.443: Flags [S], seq 3990684218, win 65535, options [mss 1460,sackOK,eol], length 0
09:41:21.080203 rule 1/0(match): block out on en0: 192.168.2.2.54628 > 173.194.70.102.443: Flags [S], seq 2480879896, win 65535, options [mss 1460,sackOK,eol], length 0
09:41:21.080222 rule 1/0(match): block out on en0: 192.168.2.2.54627 > 173.194.70.102.443: Flags [S], seq 3697764015, win 65535, options [mss 1460,sackOK,eol], length 0
09:41:21.181043 rule 1/0(match): block out on en0: 192.168.2.2.54630 > 173.194.70.113.443: Flags [S], seq 125407293, win 65535, options [mss 1460,sackOK,eol], length 0
09:41:21.181061 rule 1/0(match): block out on en0: 192.168.2.2.54629 > 173.194.70.113.443: Flags [S], seq 807709, win 65535, options [mss 1460,sackOK,eol], length 0
09:41:21.194012 rule 4294967295/8(ip-option): pass in on en0: 192.168.2.1 > 224.0.0.1: igmp query v3
09:41:21.202712 rule 4294967295/8(ip-option): pass in on en1: 192.168.2.1 > 224.0.0.1: igmp query v3
09:41:21.281151 rule 1/0(match): block out on en0: 192.168.2.2.54631 > 173.194.70.138.443: Flags [S], seq 3317612756, win 65535, options [mss 1460,sackOK,eol], length 0
09:41:21.281169 rule 1/0(match): block out on en0: 192.168.2.2.54632 > 173.194.70.138.443: Flags [S], seq 889987048, win 65535, options [mss 1460,sackOK,eol], length 0
09:41:21.481737 rule 1/0(match): block out on en0: 192.168.2.2.54634 > 173.194.70.100.443: Flags [S], seq 3049343965, win 65535, options [mss 1460,sackOK,eol], length 0
09:41:21.481756 rule 1/0(match): block out on en0: 192.168.2.2.54633 > 173.194.70.100.443: Flags [S], seq 619821404, win 65535, options [mss 1460,sackOK,eol], length 0
09:41:21.682142 rule 1/0(match): block out on en0: 192.168.2.2.54636 > 173.194.70.101.443: Flags [S], seq 824490830, win 65535, options [mss 1460,sackOK,eol], length 0
09:41:21.682162 rule 1/0(match): block out on en0: 192.168.2.2.54635 > 173.194.70.101.443: Flags [S], seq 808927198, win 65535, options [mss 1460,sackOK,eol], length 0
09:41:22.283524 rule 1/0(match): block out on lo0: 127.0.0.1.1348 > 127.0.0.1.54637: Flags [S.], seq 331329847, ack 3348569037, win 65535, options [mss 16344,nop,wscale 4,nop,nop,TS val 1508264356 ecr 1508258364,sackOK,eol], length 0
09:41:22.283592 rule 1/0(match): block out on lo0: 127.0.0.1.1348 > 127.0.0.1.54637: Flags [.], ack 1, win 65535, options [nop,nop,TS val 1508264356 ecr 1508258364], length 0
09:41:22.738750 rule 4294967295/8(ip-option): pass in on en1: 192.168.2.101 > 224.0.0.22: igmp v3 report, 1 group record(s)
09:41:22.884613 rule 1/0(match): block out on en0: 192.168.2.2.54542 > 173.194.70.102.443: Flags [FP.], seq 0:64, ack 1, win 8192, options [nop,nop,TS val 1508264956 ecr 315592809], length 64
09:41:23.886252 rule 1/0(match): block out on en0: 192.168.2.2.54597 > 173.194.70.139.80: Flags [F.], seq 0, ack 1, win 8218, options [nop,nop,TS val 1508265955 ecr 321546170], length 0
09:41:24.001532 rule 1/0(match): block out on en0: 192.168.2.2.55128 > 224.0.0.1.8612: UDP, length 16
09:41:24.287402 rule 1/0(match): block out on en0: 192.168.2.2.54616 > 23.32.111.144.443: Flags [F.], seq 0, ack 1, win 8192, options [nop,nop,TS val 1508266354 ecr 1233899633], length 0
09:41:24.586178 rule 1/0(match): block out on en0: 192.168.2.2.5353 > 224.0.0.251.5353: 0 [14q] PTR (QU)? _sleep-proxy._udp.local. PTR (QU)? _apple-mobdev._tcp.local. PTR (QU)? _airplay._tcp.local. PTR (QU)? _raop._tcp.local. PTR (QU)? _afpovertcp._tcp.local. PTR (QU)? _smb._tcp.local. PTR (QU)? _rfb._tcp.local. PTR (QU)? _adisk._tcp.local. PTR (QU)? _airport._tcp.local. PTR (QU)? _ipp._tcp.local. PTR (QU)? _scanner._tcp.local. PTR (QU)? _pdl-datastream._tcp.local. PTR (QU)? _printer._tcp.local. PTR (QU)? _ptp._tcp.local. (235)
09:41:24.586220 rule 1/0(match): block out on en0: fe80::223:dfff:fea8:21b2.5353 > ff02::fb.5353: 0 [14q] PTR (QU)? _sleep-proxy._udp.local. PTR (QU)? _apple-mobdev._tcp.local. PTR (QU)? _airplay._tcp.local. PTR (QU)? _raop._tcp.local. PTR (QU)? _afpovertcp._tcp.local. PTR (QU)? _smb._tcp.local. PTR (QU)? _rfb._tcp.local. PTR (QU)? _adisk._tcp.local. PTR (QU)? _airport._tcp.local. PTR (QU)? _ipp._tcp.local. PTR (QU)? _scanner._tcp.local. PTR (QU)? _pdl-datastream._tcp.local. PTR (QU)? _printer._tcp.local. PTR (QU)? _ptp._tcp.local. (235)
09:41:24.586249 rule 1/0(match): block out on en1: 192.168.2.12.5353 > 224.0.0.251.5353: 0 [14q] PTR (QU)? _sleep-proxy._udp.local. PTR (QU)? _apple-mobdev._tcp.local. PTR (QU)? _airplay._tcp.local. PTR (QU)? _raop._tcp.local. PTR (QU)? _afpovertcp._tcp.local. PTR (QU)? _smb._tcp.local. PTR (QU)? _rfb._tcp.local. PTR (QU)? _adisk._tcp.local. PTR (QU)? _airport._tcp.local. PTR (QU)? _ipp._tcp.local. PTR (QU)? _scanner._tcp.local. PTR (QU)? _pdl-datastream._tcp.local. PTR (QU)? _printer._tcp.local. PTR (QU)? _ptp._tcp.local. (235)
09:41:24.586268 rule 1/0(match): block out on en1: fe80::224:36ff:feb7:9867.5353 > ff02::fb.5353: 0 [14q] PTR (QU)? _sleep-proxy._udp.local. PTR (QU)? _apple-mobdev._tcp.local. PTR (QU)? _airplay._tcp.local. PTR (QU)? _raop._tcp.local. PTR (QU)? _afpovertcp._tcp.local. PTR (QU)? _smb._tcp.local. PTR (QU)? _rfb._tcp.local. PTR (QU)? _adisk._tcp.local. PTR (QU)? _airport._tcp.local. PTR (QU)? _ipp._tcp.local. PTR (QU)? _scanner._tcp.local. PTR (QU)? _pdl-datastream._tcp.local. PTR (QU)? _printer._tcp.local. PTR (QU)? _ptp._tcp.local. (235)
09:41:24.603429 rule 1/0(match): block out on en0: 192.168.2.2.54638 > 173.194.70.101.443: Flags [S], seq 942823465, win 65535, options [mss 1460,nop,wscale 4,nop,nop,TS val 1508266668 ecr 0,sackOK,eol], length 0
09:41:24.603911 rule 1/0(match): block out on en0: 192.168.2.2.54639 > 173.194.70.101.443: Flags [S], seq 2905453602, win 65535, options [mss 1460,nop,wscale 4,nop,nop,TS val 1508266668 ecr 0,sackOK,eol], length 0
09:41:24.686691 rule 1/0(match): block out on en0: 192.168.2.2.5353 > 224.0.0.251.5353: 0*- [0q] 4/0/0 TXT "model=iMac9,1", PTR Jonas Latzas iMac._smb._tcp.local., PTR Jonas Latzas iMac._afpovertcp._tcp.local., PTR Jonas Latzas iMac._rfb._tcp.local. (197)
09:41:24.686796 rule 1/0(match): block out on en0: fe80::223:dfff:fea8:21b2.5353 > ff02::fb.5353: 0*- [0q] 4/0/0 TXT "model=iMac9,1", PTR Jonas Latzas iMac._smb._tcp.local., PTR Jonas Latzas iMac._afpovertcp._tcp.local., PTR Jonas Latzas iMac._rfb._tcp.local. (197)
09:41:24.686842 rule 1/0(match): block out on en1: 192.168.2.12.5353 > 224.0.0.251.5353: 0*- [0q] 4/0/0 TXT "model=iMac9,1", PTR Jonas Latzas iMac._smb._tcp.local., PTR Jonas Latzas iMac._afpovertcp._tcp.local., PTR Jonas Latzas iMac._rfb._tcp.local. (197)
09:41:24.686879 rule 1/0(match): block out on en1: fe80::224:36ff:feb7:9867.5353 > ff02::fb.5353: 0*- [0q] 4/0/0 TXT "model=iMac9,1", PTR Jonas Latzas iMac._smb._tcp.local., PTR Jonas Latzas iMac._afpovertcp._tcp.local., PTR Jonas Latzas iMac._rfb._tcp.local. (197)
09:41:24.804318 rule 1/0(match): block out on en0: 192.168.2.2.54640 > 173.194.70.139.443: Flags [S], seq 3069322209, win 65535, options [mss 1460,nop,wscale 4,nop,nop,TS val 1508266868 ecr 0,sackOK,eol], length 0
09:41:24.804330 rule 1/0(match): block out on en0: 192.168.2.2.54641 > 173.194.70.139.443: Flags [S], seq 2096866938, win 65535, options [mss 1460,nop,wscale 4,nop,nop,TS val 1508266868 ecr 0,sackOK,eol], length 0
09:41:24.879474 rule 1/0(match): block out on en0: 192.168.2.2.54642 > 173.194.70.102.443: Flags [S], seq 444398866, win 65535, options [mss 1460,nop,wscale 4,nop,nop,TS val 1508266943 ecr 0,sackOK,eol], length 0
09:41:24.879486 rule 1/0(match): block out on en0: 192.168.2.2.54643 > 173.194.70.102.443: Flags [S], seq 3827709279, win 65535, options [mss 1460,nop,wscale 4,nop,nop,TS val 1508266943 ecr 0,sackOK,eol], length 0
09:41:24.993913 rule 1/0(match): block out on en0: 192.168.2.2.54645 > 173.194.70.113.443: Flags [S], seq 2779191317, win 65535, options [mss 1460,nop,wscale 4,nop,nop,TS val 1508267056 ecr 0,sackOK,eol], length 0
09:41:24.993929 rule 1/0(match): block out on en0: 192.168.2.2.54644 > 173.194.70.113.443: Flags [S], seq 269395771, win 65535, options [mss 1460,nop,wscale 4,nop,nop,TS val 1508267056 ecr 0,sackOK,eol], length 0
09:41:25.089551 rule 1/0(match): block out on en0: 192.168.2.2.54607 > 173.252.101.26.80: Flags [F.], seq 0, ack 2, win 8192, options [nop,nop,TS val 1508267150 ecr 4212919604], length 0
09:41:25.194262 rule 1/0(match): block out on en0: 192.168.2.2.54647 > 173.194.70.138.443: Flags [S], seq 2951578358, win 65535, options [mss 1460,nop,wscale 4,nop,nop,TS val 1508267254 ecr 0,sackOK,eol], length 0
09:41:25.194278 rule 1/0(match): block out on en0: 192.168.2.2.54646 > 173.194.70.138.443: Flags [S], seq 3376315040, win 65535, options [mss 1460,nop,wscale 4,nop,nop,TS val 1508267254 ecr 0,sackOK,eol], length 0
09:41:25.394608 rule 1/0(match): block out on en0: 192.168.2.2.54649 > 173.194.70.100.443: Flags [S], seq 3844734284, win 65535, options [mss 1460,nop,wscale 4,nop,nop,TS val 1508267453 ecr 0,sackOK,eol], length 0
09:41:25.394624 rule 1/0(match): block out on en0: 192.168.2.2.54648 > 173.194.70.100.443: Flags [S], seq 1119138175, win 65535, options [mss 1460,nop,wscale 4,nop,nop,TS val 1508267453 ecr 0,sackOK,eol], length 0
09:41:25.587637 rule 1/0(match): block out on en0: 192.168.2.2.5353 > 224.0.0.251.5353: 0 [3a] [14q] PTR (QM)? _sleep-proxy._udp.local. PTR (QM)? _apple-mobdev._tcp.local. PTR (QM)? _airplay._tcp.local. PTR (QM)? _raop._tcp.local. PTR (QM)? _afpovertcp._tcp.local. PTR (QM)? _smb._tcp.local. PTR (QM)? _rfb._tcp.local. PTR (QM)? _adisk._tcp.local. PTR (QM)? _airport._tcp.local. PTR (QM)? _ipp._tcp.local. PTR (QM)? _scanner._tcp.local. PTR (QM)? _pdl-datastream._tcp.local. PTR (QM)? _printer._tcp.local. PTR (QM)? _ptp._tcp.local. (331)
09:41:25.587695 rule 1/0(match): block out on en0: fe80::223:dfff:fea8:21b2.5353 > ff02::fb.5353: 0 [3a] [14q] PTR (QM)? _sleep-proxy._udp.local. PTR (QM)? _apple-mobdev._tcp.local. PTR (QM)? _airplay._tcp.local. PTR (QM)? _raop._tcp.local. PTR (QM)? _afpovertcp._tcp.local. PTR (QM)? _smb._tcp.local. PTR (QM)? _rfb._tcp.local. PTR (QM)? _adisk._tcp.local. PTR (QM)? _airport._tcp.local. PTR (QM)? _ipp._tcp.local. PTR (QM)? _scanner._tcp.local. PTR (QM)? _pdl-datastream._tcp.local. PTR (QM)? _printer._tcp.local. PTR (QM)? _ptp._tcp.local. (331)
09:41:25.587751 rule 1/0(match): block out on en1: 192.168.2.12.5353 > 224.0.0.251.5353: 0 [3a] [14q] PTR (QM)? _sleep-proxy._udp.local. PTR (QM)? _apple-mobdev._tcp.local. PTR (QM)? _airplay._tcp.local. PTR (QM)? _raop._tcp.local. PTR (QM)? _afpovertcp._tcp.local. PTR (QM)? _smb._tcp.local. PTR (QM)? _rfb._tcp.local. PTR (QM)? _adisk._tcp.local. PTR (QM)? _airport._tcp.local. PTR (QM)? _ipp._tcp.local. PTR (QM)? _scanner._tcp.local. PTR (QM)? _pdl-datastream._tcp.local. PTR (QM)? _printer._tcp.local. PTR (QM)? _ptp._tcp.local. (331)
09:41:25.587786 rule 1/0(match): block out on en1: fe80::224:36ff:feb7:9867.5353 > ff02::fb.5353: 0 [3a] [14q] PTR (QM)? _sleep-proxy._udp.local. PTR (QM)? _apple-mobdev._tcp.local. PTR (QM)? _airplay._tcp.local. PTR (QM)? _raop._tcp.local. PTR (QM)? _afpovertcp._tcp.local. PTR (QM)? _smb._tcp.local. PTR (QM)? _rfb._tcp.local. PTR (QM)? _adisk._tcp.local. PTR (QM)? _airport._tcp.local. PTR (QM)? _ipp._tcp.local. PTR (QM)? _scanner._tcp.local. PTR (QM)? _pdl-datastream._tcp.local. PTR (QM)? _printer._tcp.local. PTR (QM)? _ptp._tcp.local. (331)
09:41:25.690548 rule 1/0(match): block out on en0: 192.168.2.2.54639 > 173.194.70.101.443: Flags [S], seq 2905453602, win 65535, options [mss 1460,nop,wscale 4,nop,nop,TS val 1508267747 ecr 0,sackOK,eol], length 0
09:41:25.690572 rule 1/0(match): block out on en0: 192.168.2.2.54638 > 173.194.70.101.443: Flags [S], seq 942823465, win 65535, options [mss 1460,nop,wscale 4,nop,nop,TS val 1508267747 ecr 0,sackOK,eol], length 0
09:41:25.891600 rule 1/0(match): block out on en0: 192.168.2.2.54643 > 173.194.70.102.443: Flags [S], seq 3827709279, win 65535, options [mss 1460,nop,wscale 4,nop,nop,TS val 1508267948 ecr 0,sackOK,eol], length 0
09:41:25.891616 rule 1/0(match): block out on en0: 192.168.2.2.54642 > 173.194.70.102.443: Flags [S], seq 444398866, win 65535, options [mss 1460,nop,wscale 4,nop,nop,TS val 1508267948 ecr 0,sackOK,eol], length 0
09:41:25.891628 rule 1/0(match): block out on en0: 192.168.2.2.54641 > 173.194.70.139.443: Flags [S], seq 2096866938, win 65535, options [mss 1460,nop,wscale 4,nop,nop,TS val 1508267948 ecr 0,sackOK,eol], length 0
09:41:25.891638 rule 1/0(match): block out on en0: 192.168.2.2.54640 > 173.194.70.139.443: Flags [S], seq 3069322209, win 65535, options [mss 1460,nop,wscale 4,nop,nop,TS val 1508267948 ecr 0,sackOK,eol], length 0
09:41:26.092432 rule 1/0(match): block out on en0: 192.168.2.2.54644 > 173.194.70.113.443: Flags [S], seq 269395771, win 65535, options [mss 1460,nop,wscale 4,nop,nop,TS val 1508268148 ecr 0,sackOK,eol], length 0
09:41:26.092448 rule 1/0(match): block out on en0: 192.168.2.2.54645 > 173.194.70.113.443: Flags [S], seq 2779191317, win 65535, options [mss 1460,nop,wscale 4,nop,nop,TS val 1508268148 ecr 0,sackOK,eol], length 0
09:41:26.127335 rule 4294967295/8(ip-option): pass in on en0: 192.168.2.202 > 224.0.0.251: igmp v2 report 224.0.0.251
09:41:26.193434 rule 1/0(match): block out on en0: 192.168.2.2.54603 > 23.32.111.144.80: Flags [R.], seq 1, ack 1, win 8257, length 0
09:41:26.220356 rule 4294967295/8(ip-option): pass in on en1: 192.168.2.202 > 224.0.0.251: igmp v2 report 224.0.0.251
09:41:26.293690 rule 1/0(match): block out on en0: 192.168.2.2.54646 > 173.194.70.138.443: Flags [S], seq 3376315040, win 65535, options [mss 1460,nop,wscale 4,nop,nop,TS val 1508268349 ecr 0,sackOK,eol], length 0
09:41:26.293704 rule 1/0(match): block out on en0: 192.168.2.2.54647 > 173.194.70.138.443: Flags [S], seq 2951578358, win 65535, options [mss 1460,nop,wscale 4,nop,nop,TS val 1508268349 ecr 0,sackOK,eol], length 0
09:41:26.393855 rule 1/0(match): block out on en0: 192.168.2.2.54601 > 23.32.111.144.80: Flags [F.], seq 0, ack 1, win 8256, options [nop,nop,TS val 1508268449 ecr 622302391], length 0
09:41:26.493970 rule 1/0(match): block out on en0: 192.168.2.2.54648 > 173.194.70.100.443: Flags [S], seq 1119138175, win 65535, options [mss 1460,nop,wscale 4,nop,nop,TS val 1508268549 ecr 0,sackOK,eol], length 0
09:41:26.493986 rule 1/0(match): block out on en0: 192.168.2.2.54649 > 173.194.70.100.443: Flags [S], seq 3844734284, win 65535, options [mss 1460,nop,wscale 4,nop,nop,TS val 1508268549 ecr 0,sackOK,eol], length 0
09:41:26.694338 rule 1/0(match): block out on en0: 192.168.2.2.54639 > 173.194.70.101.443: Flags [S], seq 2905453602, win 65535, options [mss 1460,nop,wscale 4,nop,nop,TS val 1508268748 ecr 0,sackOK,eol], length 0
09:41:26.694354 rule 1/0(match): block out on en0: 192.168.2.2.54638 > 173.194.70.101.443: Flags [S], seq 942823465, win 65535, options [mss 1460,nop,wscale 4,nop,nop,TS val 1508268748 ecr 0,sackOK,eol], length 0
09:41:26.894628 rule 1/0(match): block out on en0: 192.168.2.2.54643 > 173.194.70.102.443: Flags [S], seq 3827709279, win 65535, options [mss 1460,nop,wscale 4,nop,nop,TS val 1508268948 ecr 0,sackOK,eol], length 0
09:41:26.894644 rule 1/0(match): block out on en0: 192.168.2.2.54642 > 173.194.70.102.443: Flags [S], seq 444398866, win 65535, options [mss 1460,nop,wscale 4,nop,nop,TS val 1508268948 ecr 0,sackOK,eol], length 0
09:41:26.894655 rule 1/0(match): block out on en0: 192.168.2.2.54641 > 173.194.70.139.443: Flags [S], seq 2096866938, win 65535, options [mss 1460,nop,wscale 4,nop,nop,TS val 1508268948 ecr 0,sackOK,eol], length 0
09:41:26.894666 rule 1/0(match): block out on en0: 192.168.2.2.54640 > 173.194.70.139.443: Flags [S], seq 3069322209, win 65535, options [mss 1460,nop,wscale 4,nop,nop,TS val 1508268948 ecr 0,sackOK,eol], length 0
09:41:27.094902 rule 1/0(match): block out on en0: 192.168.2.2.54608 > 23.32.111.144.80: Flags [R.], seq 1, ack 1, win 8254, length 0
09:41:27.195279 rule 1/0(match): block out on en0: 192.168.2.2.54644 > 173.194.70.113.443: Flags [S], seq 269395771, win 65535, options [mss 1460,nop,wscale 4,nop,nop,TS val 1508269247 ecr 0,sackOK,eol], length 0
09:41:27.195294 rule 1/0(match): block out on en0: 192.168.2.2.54645 > 173.194.70.113.443: Flags [S], seq 2779191317, win 65535, options [mss 1460,nop,wscale 4,nop,nop,TS val 1508269247 ecr 0,sackOK,eol], length 0
09:41:27.395622 rule 1/0(match): block out on en0: 192.168.2.2.54646 > 173.194.70.138.443: Flags [S], seq 3376315040, win 65535, options [mss 1460,nop,wscale 4,nop,nop,TS val 1508269447 ecr 0,sackOK,eol], length 0
09:41:27.395638 rule 1/0(match): block out on en0: 192.168.2.2.54647 > 173.194.70.138.443: Flags [S], seq 2951578358, win 65535, options [mss 1460,nop,wscale 4,nop,nop,TS val 1508269447 ecr 0,sackOK,eol], length 0
09:41:27.596056 rule 1/0(match): block out on en0: 192.168.2.2.54648 > 173.194.70.100.443: Flags [S], seq 1119138175, win 65535, options [mss 1460,nop,wscale 4,nop,nop,TS val 1508269646 ecr 0,sackOK,eol], length 0
09:41:27.596068 rule 1/0(match): block out on en0: 192.168.2.2.54649 > 173.194.70.100.443: Flags [S], seq 3844734284, win 65535, options [mss 1460,nop,wscale 4,nop,nop,TS val 1508269646 ecr 0,sackOK,eol], length 0
09:41:27.796734 rule 1/0(match): block out on en0: 192.168.2.2.54639 > 173.194.70.101.443: Flags [S], seq 2905453602, win 65535, options [mss 1460,nop,wscale 4,nop,nop,TS val 1508269846 ecr 0,sackOK,eol], length 0
09:41:27.796745 rule 1/0(match): block out on en0: 192.168.2.2.54638 > 173.194.70.101.443: Flags [S], seq 942823465, win 65535, options [mss 1460,nop,wscale 4,nop,nop,TS val 1508269846 ecr 0,sackOK,eol], length 0
09:41:27.997210 rule 1/0(match): block out on en0: 192.168.2.2.54643 > 173.194.70.102.443: Flags [S], seq 3827709279, win 65535, options [mss 1460,nop,wscale 4,nop,nop,TS val 1508270046 ecr 0,sackOK,eol], length 0
09:41:27.997226 rule 1/0(match): block out on en0: 192.168.2.2.54642 > 173.194.70.102.443: Flags [S], seq 444398866, win 65535, options [mss 1460,nop,wscale 4,nop,nop,TS val 1508270046 ecr 0,sackOK,eol], length 0
09:41:27.997238 rule 1/0(match): block out on en0: 192.168.2.2.54641 > 173.194.70.139.443: Flags [S], seq 2096866938, win 65535, options [mss 1460,nop,wscale 4,nop,nop,TS val 1508270046 ecr 0,sackOK,eol], length 0
09:41:27.997250 rule 1/0(match): block out on en0: 192.168.2.2.54640 > 173.194.70.139.443: Flags [S], seq 3069322209, win 65535, options [mss 1460,nop,wscale 4,nop,nop,TS val 1508270046 ecr 0,sackOK,eol], length 0
09:41:28.197639 rule 1/0(match): block out on en0: 192.168.2.2.54597 > 173.194.70.139.80: Flags [F.], seq 0, ack 1, win 8218, options [nop,nop,TS val 1508270245 ecr 321546170], length 0
09:41:28.297863 rule 1/0(match): block out on en0: 192.168.2.2.54644 > 173.194.70.113.443: Flags [S], seq 269395771, win 65535, options [mss 1460,nop,wscale 4,nop,nop,TS val 1508270345 ecr 0,sackOK,eol], length 0
09:41:28.297881 rule 1/0(match): block out on en0: 192.168.2.2.54645 > 173.194.70.113.443: Flags [S], seq 2779191317, win 65535, options [mss 1460,nop,wscale 4,nop,nop,TS val 1508270345 ecr 0,sackOK,eol], length 0
09:41:28.498086 rule 1/0(match): block out on en0: 192.168.2.2.54646 > 173.194.70.138.443: Flags [S], seq 3376315040, win 65535, options [mss 1460,nop,wscale 4,nop,nop,TS val 1508270545 ecr 0,sackOK,eol], length 0
09:41:28.498101 rule 1/0(match): block out on en0: 192.168.2.2.54647 > 173.194.70.138.443: Flags [S], seq 2951578358, win 65535, options [mss 1460,nop,wscale 4,nop,nop,TS val 1508270545 ecr 0,sackOK,eol], length 0
09:41:28.593489 rule 1/0(match): block out on en0: 192.168.2.2.5353 > 224.0.0.251.5353: 0 [3a] [14q] PTR (QM)? _sleep-proxy._udp.local. PTR (QM)? _apple-mobdev._tcp.local. PTR (QM)? _airplay._tcp.local. PTR (QM)? _raop._tcp.local. PTR (QM)? _afpovertcp._tcp.local. PTR (QM)? _smb._tcp.local. PTR (QM)? _rfb._tcp.local. PTR (QM)? _adisk._tcp.local. PTR (QM)? _airport._tcp.local. PTR (QM)? _ipp._tcp.local. PTR (QM)? _scanner._tcp.local. PTR (QM)? _pdl-datastream._tcp.local. PTR (QM)? _printer._tcp.local. PTR (QM)? _ptp._tcp.local. (331)
09:41:28.593528 rule 1/0(match): block out on en0: fe80::223:dfff:fea8:21b2.5353 > ff02::fb.5353: 0 [3a] [14q] PTR (QM)? _sleep-proxy._udp.local. PTR (QM)? _apple-mobdev._tcp.local. PTR (QM)? _airplay._tcp.local. PTR (QM)? _raop._tcp.local. PTR (QM)? _afpovertcp._tcp.local. PTR (QM)? _smb._tcp.local. PTR (QM)? _rfb._tcp.local. PTR (QM)? _adisk._tcp.local. PTR (QM)? _airport._tcp.local. PTR (QM)? _ipp._tcp.local. PTR (QM)? _scanner._tcp.local. PTR (QM)? _pdl-datastream._tcp.local. PTR (QM)? _printer._tcp.local. PTR (QM)? _ptp._tcp.local. (331)
09:41:28.593559 rule 1/0(match): block out on en1: 192.168.2.12.5353 > 224.0.0.251.5353: 0 [3a] [14q] PTR (QM)? _sleep-proxy._udp.local. PTR (QM)? _apple-mobdev._tcp.local. PTR (QM)? _airplay._tcp.local. PTR (QM)? _raop._tcp.local. PTR (QM)? _afpovertcp._tcp.local. PTR (QM)? _smb._tcp.local. PTR (QM)? _rfb._tcp.local. PTR (QM)? _adisk._tcp.local. PTR (QM)? _airport._tcp.local. PTR (QM)? _ipp._tcp.local. PTR (QM)? _scanner._tcp.local. PTR (QM)? _pdl-datastream._tcp.local. PTR (QM)? _printer._tcp.local. PTR (QM)? _ptp._tcp.local. (331)
09:41:28.593579 rule 1/0(match): block out on en1: fe80::224:36ff:feb7:9867.5353 > ff02::fb.5353: 0 [3a] [14q] PTR (QM)? _sleep-proxy._udp.local. PTR (QM)? _apple-mobdev._tcp.local. PTR (QM)? _airplay._tcp.local. PTR (QM)? _raop._tcp.local. PTR (QM)? _afpovertcp._tcp.local. PTR (QM)? _smb._tcp.local. PTR (QM)? _rfb._tcp.local. PTR (QM)? _adisk._tcp.local. PTR (QM)? _airport._tcp.local. PTR (QM)? _ipp._tcp.local. PTR (QM)? _scanner._tcp.local. PTR (QM)? _pdl-datastream._tcp.local. PTR (QM)? _printer._tcp.local. PTR (QM)? _ptp._tcp.local. (331)
09:41:28.699000 rule 1/0(match): block out on en0: 192.168.2.2.54648 > 173.194.70.100.443: Flags [S], seq 1119138175, win 65535, options [mss 1460,nop,wscale 4,nop,nop,TS val 1508270745 ecr 0,sackOK,eol], length 0
09:41:28.699012 rule 1/0(match): block out on en0: 192.168.2.2.54649 > 173.194.70.100.443: Flags [S], seq 3844734284, win 65535, options [mss 1460,nop,wscale 4,nop,nop,TS val 1508270745 ecr 0,sackOK,eol], length 0
09:41:28.799696 rule 1/0(match): block out on lo0: 127.0.0.1.1348 > 127.0.0.1.54637: Flags [S.], seq 331329847, ack 3348569037, win 65535, options [mss 16344,nop,wscale 4,nop,nop,TS val 1508270845 ecr 1508258364,sackOK,eol], length 0
09:41:28.899738 rule 1/0(match): block out on en0: 192.168.2.2.54639 > 173.194.70.101.443: Flags [S], seq 2905453602, win 65535, options [mss 1460,nop,wscale 4,nop,nop,TS val 1508270945 ecr 0,sackOK,eol], length 0
09:41:28.899749 rule 1/0(match): block out on en0: 192.168.2.2.54638 > 173.194.70.101.443: Flags [S], seq 942823465, win 65535, options [mss 1460,nop,wscale 4,nop,nop,TS val 1508270945 ecr 0,sackOK,eol], length 0
09:41:29.000798 rule 1/0(match): block out on en0: 192.168.2.2.54643 > 173.194.70.102.443: Flags [S], seq 3827709279, win 65535, options [mss 1460,nop,wscale 4,nop,nop,TS val 1508271046 ecr 0,sackOK,eol], length 0
09:41:29.000810 rule 1/0(match): block out on en0: 192.168.2.2.54642 > 173.194.70.102.443: Flags [S], seq 444398866, win 65535, options [mss 1460,nop,wscale 4,nop,nop,TS val 1508271046 ecr 0,sackOK,eol], length 0
09:41:29.000819 rule 1/0(match): block out on en0: 192.168.2.2.54641 > 173.194.70.139.443: Flags [S], seq 2096866938, win 65535, options [mss 1460,nop,wscale 4,nop,nop,TS val 1508271046 ecr 0,sackOK,eol], length 0
09:41:29.000829 rule 1/0(match): block out on en0: 192.168.2.2.54640 > 173.194.70.139.443: Flags [S], seq 3069322209, win 65535, options [mss 1460,nop,wscale 4,nop,nop,TS val 1508271046 ecr 0,sackOK,eol], length 0
09:41:29.301805 rule 1/0(match): block out on en0: 192.168.2.2.54644 > 173.194.70.113.443: Flags [S], seq 269395771, win 65535, options [mss 1460,nop,wscale 4,nop,nop,TS val 1508271346 ecr 0,sackOK,eol], length 0
09:41:29.301817 rule 1/0(match): block out on en0: 192.168.2.2.54645 > 173.194.70.113.443: Flags [S], seq 2779191317, win 65535, options [mss 1460,nop,wscale 4,nop,nop,TS val 1508271346 ecr 0,sackOK,eol], length 0
09:41:29.502245 rule 1/0(match): block out on en0: 192.168.2.2.54646 > 173.194.70.138.443: Flags [S], seq 3376315040, win 65535, options [mss 1460,nop,wscale 4,nop,nop,TS val 1508271546 ecr 0,sackOK,eol], length 0
09:41:29.502257 rule 1/0(match): block out on en0: 192.168.2.2.54647 > 173.194.70.138.443: Flags [S], seq 2951578358, win 65535, options [mss 1460,nop,wscale 4,nop,nop,TS val 1508271546 ecr 0,sackOK,eol], length 0
09:41:29.502271 rule 1/0(match): block out on en0: 192.168.2.2.54542 > 173.194.70.102.443: Flags [FP.], seq 0:64, ack 1, win 8192, options [nop,nop,TS val 1508271546 ecr 315592809], length 64
09:41:29.701913 rule 4294967295/8(ip-option): pass in on en1: 192.168.2.202 > 239.255.255.250: igmp v2 report 239.255.255.250
09:41:29.704002 rule 1/0(match): block out on en0: 192.168.2.2.54648 > 173.194.70.100.443: Flags [S], seq 1119138175, win 65535, options [mss 1460,nop,wscale 4,nop,nop,TS val 1508271747 ecr 0,sackOK,eol], length 0
09:41:29.704013 rule 1/0(match): block out on en0: 192.168.2.2.54649 > 173.194.70.100.443: Flags [S], seq 3844734284, win 65535, options [mss 1460,nop,wscale 4,nop,nop,TS val 1508271747 ecr 0,sackOK,eol], length 0
09:41:29.904318 rule 1/0(match): block out on en0: 192.168.2.2.54639 > 173.194.70.101.443: Flags [S], seq 2905453602, win 65535, options [mss 1460,nop,wscale 4,nop,nop,TS val 1508271947 ecr 0,sackOK,eol], length 0
09:41:29.904329 rule 1/0(match): block out on en0: 192.168.2.2.54638 > 173.194.70.101.443: Flags [S], seq 942823465, win 65535, options [mss 1460,nop,wscale 4,nop,nop,TS val 1508271947 ecr 0,sackOK,eol], length 0
09:41:30.004401 rule 1/0(match): block out on en0: 192.168.2.2.54643 > 173.194.70.102.443: Flags [S], seq 3827709279, win 65535, options [mss 1460,nop,wscale 4,nop,nop,TS val 1508272047 ecr 0,sackOK,eol], length 0
09:41:30.004412 rule 1/0(match): block out on en0: 192.168.2.2.54642 > 173.194.70.102.443: Flags [S], seq 444398866, win 65535, options [mss 1460,nop,wscale 4,nop,nop,TS val 1508272047 ecr 0,sackOK,eol], length 0
09:41:30.004422 rule 1/0(match): block out on en0: 192.168.2.2.54641 > 173.194.70.139.443: Flags [S], seq 2096866938, win 65535, options [mss 1460,nop,wscale 4,nop,nop,TS val 1508272047 ecr 0,sackOK,eol], length 0
09:41:30.004430 rule 1/0(match): block out on en0: 192.168.2.2.54640 > 173.194.70.139.443: Flags [S], seq 3069322209, win 65535, options [mss 1460,nop,wscale 4,nop,nop,TS val 1508272047 ecr 0,sackOK,eol], length 0

jessez

Hi,

Could you also post your pf.conf, your routers IP address, and mention whether you are using DHCP or a static IP address, and if static, what the address is, if dhcp, what the range set in your router or DHCP server. This information will make it a lot easier to configure a working pf.conf for you.

regards,

jz

Sign In

Can't reconnect after pf is enabled on OS X 10.8.2

Recommended Posts

InfiniteInt 0

Share this post

Link to post

Staff 9972

Share this post

Link to post

InfiniteInt 0

Share this post

Link to post

Staff 9972

Share this post

Link to post

InfiniteInt 0

Share this post

Link to post

jessez 3

Share this post

Link to post

Join the conversation

Home

Community