Date: Fri, 02 Jul 2010 19:35:49 -0400
From: Jon Radel <jon@radel.com>
To: freebsd-questions@freebsd.org
Subject: Re: Subject: pf: pass in quick to port 25 still getting some blocks
Message-ID: <4C2E77D5.5030402@radel.com>
In-Reply-To: <201007022325.AA132710676@mail.Go2France.com>
References: <201007022325.AA132710676@mail.Go2France.com>
On 7/2/10 5:25 PM, Len Conrad wrote:
> setting up pf on fbsd 7.2 for host security on a mail gateway.
>
> the only rule for port 25 is:
>
> pass in quick on em0 inet proto tcp from any to $ext_if port = smtp flags S/SA keep state
>
> and then last rule:
>
> block drop in log on em0 inet from any to $ext_if
>
> while 1000s of connections to port 25 are getting through with the pass rule, several 100 connections are getting blocked with the default block rule, bypassing the pass rule.
>
> I can't see how pf is selecting these connections to be blocked.

In what sense are the packets that are getting blocked part of a connection? Are you sure the blocked packets are actually a legitimate first packet, with the appropriate flags set, or is the "flags S/SA" portion of your rule not matching?

--
--Jon Radel
jon@radel.com
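One way to answer Jon's question in practice is to look at the TCP flags of the packets the logging block rule caught. The script below is an added example, not code from either poster: it classifies pflog lines the way pf's "flags S/SA" test does (of the SYN and ACK bits, only SYN may be set), so you can see whether the blocked packets were real connection openers or stray non-SYN segments that never belonged to a tracked state. The log lines are constructed samples in the format of `tcpdump -n -e -ttt -r /var/log/pflog port 25` (modern tcpdump `Flags [..]` notation, documentation addresses); the rule number and hostnames are assumptions, not values from the thread.

```sh
#!/bin/sh
# Added example: classify packets logged by pf's "block drop in log" rule by TCP
# flags. pf's "flags S/SA" means: look at the S and A bits, match only if S is
# set and A is clear. A blocked packet that fails that test is not a legitimate
# first packet of a connection, which is what Jon's reply asks about.
#
# Assumption: lines look like the output of
#   tcpdump -n -e -ttt -r /var/log/pflog port 25
# Rule number, addresses and ports below are CONSTRUCTED sample values.

SAMPLE_LOG='rule 3/0(match): block in on em0: 192.0.2.10.51234 > 198.51.100.5.25: Flags [S], seq 100, win 65535, length 0
rule 3/0(match): block in on em0: 192.0.2.11.40000 > 198.51.100.5.25: Flags [.], ack 1, win 1024, length 0
rule 3/0(match): block in on em0: 192.0.2.12.33000 > 198.51.100.5.25: Flags [R], seq 1, win 0, length 0
rule 3/0(match): block in on em0: 192.0.2.13.22000 > 198.51.100.5.25: Flags [F.], seq 1, ack 1, win 512, length 0
rule 3/0(match): block in on em0: 192.0.2.14.22000 > 198.51.100.5.25: Flags [S.], seq 1, ack 1, win 512, length 0'

# Extract the flag letters from one tcpdump line: "S", ".", "F.", "S." ...
# (tcpdump prints the ACK bit as ".", not "A").
flags_of() {
    printf '%s\n' "$1" | sed -n 's/.*Flags \[\([^]]*\)\].*/\1/p'
}

# Apply the S/SA test to a flags string.
#   syn-only : S set, A clear  -> the pass rule should have matched this
#   syn-ack  : S and A both set -> fails S/SA (reply to a SYN, not a new connection)
#   no-syn   : S clear          -> stray ACK/RST/FIN with no state behind it
classify_flags() {
    case "$1" in
        *S*)
            case "$1" in
                *.*) echo "syn-ack" ;;
                *)   echo "syn-only" ;;
            esac ;;
        *) echo "no-syn" ;;
    esac
}

# Count each class over a whole log; prints "class count" lines sorted by class.
summarize_log() {
    printf '%s\n' "$1" | while IFS= read -r line; do
        classify_flags "$(flags_of "$line")"
    done | sort | uniq -c | awk '{print $2, $1}'
}

# Run on the constructed sample; substitute the real pflog dump in practice.
summarize_log "$SAMPLE_LOG"
```

If the summary is dominated by "no-syn" and "syn-ack" entries, the block rule is doing exactly what it should: those packets were never candidates for the `flags S/SA keep state` pass rule. A large "syn-only" count is the case worth digging into, since those packets should have matched the pass rule unless something else in the rule (interface, address, protocol) did not line up.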