[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Lots of traffic on internal interface



While running pftop, or pfctl -vvs state, I see a lot of traffic from
the firewall machine to itself over the internal LAN interface port. I am
not sure what service would route something out a local interface to
itself; it feels more like a misconfiguration. Thoughts ?
George
---------
Local interface IP is 192.168.1.2
Selection from pfctl -vvs state:
lo0 tcp 192.168.1.2:33733 -> 192.168.1.2:3493
ESTABLISHED:ESTABLISHED
   [4294086078 + 16384] wscale 0  [2714128582 + 16384] wscale 0
   age 140:42:35, expires in 23:59:59, 202219:101111 pkts,
13548662:8392110 bytes, rule 6
   id: 437a9e8000000127 creatorid: b74efa82
lo0 tcp 192.168.1.2:3493 <- 192.168.1.2:33733
ESTABLISHED:ESTABLISHED
   [2714128582 + 16384] wscale 0  [4294086078 + 16384] wscale 0
   age 140:42:35, expires in 23:59:59, 202219:101111 pkts,
13548662:8392110 bytes, rule 6
   id: 437a9e8000000128 creatorid: b74efa82
Rule 6:
@6 pass quick on lo0 all keep state (if-bound)
  [ Evaluations: 140194    Packets: 612050    Bytes: 47369302
States: 2     ]
  [ Inserted: uid 0 pid 7115 ]