Date:      Mon, 27 Feb 2006 16:41:56 +0100
From:      Erik Norgaard <norgaard@locolomo.org>
To:        Roman Serbski <mefystofel@gmail.com>
Cc:        freebsd-questions@freebsd.org
Subject:   Re: Help with IP Filter 4.1.8
Message-ID:  <44031DC4.6060804@locolomo.org>
In-Reply-To: <cca5083b0602270548s4147d332v5df89fdb9a0b7ccd@mail.gmail.com>
References:  <cca5083b0602260715w2f4a9e49o494f2f537afca2db@mail.gmail.com>	<4402232A.8010908@locolomo.org> <cca5083b0602270548s4147d332v5df89fdb9a0b7ccd@mail.gmail.com>

Roman Serbski wrote:

> Adding the 'log' keyword produced the following record:
> 
> xl0 @0:2 b XXX.XXX.XXX.XXX,53 -> YYY.YYY.YYY.YYY,60808 PR udp len 20 298 IN bad

Read this line: this tells you where the packet is blocked. IIRC @0:2 
means group 0 (you don't use groups) and 2 should be the second rule.

If you list the ruleset with ipfstat -n that should give you rules with 
the same labeling.

Also, add the log keyword to your outgoing rule, to see that it is actually 
there that the decision is made. You could have some default pass that does 
not create the state.

I know that you've checked and rechecked - but it is really helpful for 
us to have the whole ruleset. If you like, change your IPs to x.x.x.x 
(but keep different ips different).

Cheers, Erik

-- 
Ph: +34.666334818                                  web: www.locolomo.org
S/MIME Certificate: www.daemonsecurity.com/ca/8D03551FFCE04F06.crt
Subject ID:  9E:AA:18:E6:94:7A:91:44:0A:E4:DD:87:73:7F:4E:82:E7:08:9C:72
Fingerprint: 5B:D5:1E:3E:47:E7:EC:1C:4C:C8:3A:19:CC:AE:14:F5:DF:18:0F:B9
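
Added example, not part of Erik's message and not IP Filter's own code: a small Python parser that pulls the @group:rule tag out of an ipmon record like the one quoted above and looks the rule number up in a numbered rule listing. The ruleset is constructed (the thread does not show one) in the "@N rule" layout of `ipfstat -in`, only group 0 is handled, and the names parse_record, numbered_rules and locate are hypothetical.

```python
import re

# Constructed inputs: the record quoted in the thread (addresses masked as posted)
# and a made-up inbound ruleset in the "@N rule" layout of `ipfstat -in`.
SAMPLE_LOG = "xl0 @0:2 b XXX.XXX.XXX.XXX,53 -> YYY.YYY.YYY.YYY,60808 PR udp len 20 298 IN bad"
SAMPLE_RULES = """\
@1 pass in quick on lo0 all
@2 block in log quick on xl0 proto udp from any to any
@3 pass in quick on xl0 proto tcp from any to any port = 22 keep state
"""

ACTIONS = {"p": "pass", "b": "block", "S": "short", "n": "nomatch", "L": "log"}
LOG_RE = re.compile(
    r"(?P<iface>\S+) @(?P<group>\d+):(?P<rule>\d+) (?P<action>\S+) "
    r"(?P<src>\S+?)(?:,(?P<sport>\d+))? -> (?P<dst>\S+?)(?:,(?P<dport>\d+))? "
    r"PR (?P<proto>\S+) len (?P<hlen>\d+) (?P<plen>\d+)(?P<rest>.*)$"
)

def parse_record(line):
    """Split one ipmon packet record into fields; any timestamp prefix is ignored."""
    m = LOG_RE.search(line.strip())
    if m is None:
        raise ValueError("not an ipmon packet record: %r" % line)
    rec = m.groupdict()
    for key in ("group", "rule", "hlen", "plen"):
        rec[key] = int(rec[key])
    rec["flags"] = rec.pop("rest").split()   # e.g. ['IN', 'bad']
    return rec

def numbered_rules(listing):
    """Map rule number -> rule text from an `ipfstat -in` / `-on` style listing."""
    found = (re.match(r"@(\d+)\s+(.+)", l.strip()) for l in listing.splitlines())
    return {int(m.group(1)): m.group(2) for m in found if m}

def locate(line, listing):
    """Return (record, rule text or None, consistent?) for one log line."""
    rec = parse_record(line)
    rule = numbered_rules(listing).get(rec["rule"])
    verdict = ACTIONS.get(rec["action"])
    # A 'b' record pointing at a pass rule means the wrong list (in vs out,
    # or another group) was consulted, so flag the mismatch.
    consistent = rule is not None and verdict in ("pass", "block") \
        and rule.split()[0] == verdict
    return rec, rule, consistent

if __name__ == "__main__":
    rec, rule, ok = locate(SAMPLE_LOG, SAMPLE_RULES)
    print("group %(group)d rule %(rule)d on %(iface)s %(flags)s" % rec)
    print("rule text:", rule, "| consistent:", ok)
```

The direction word in the record's trailing flags (IN here) tells you which listing to compare against: the inbound list for IN, the outbound list for OUT.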


