Date: Fri, 06 Jul 2007 21:15:16 +0200 From: Laurent LEVIER <llevier@argosnet.com> To: David DeSimone <fox@verio.net>,"Scott Ullrich" <sullrich@gmail.com> Cc: freebsd-pf@freebsd.org Subject: Re: Issue with PF on FreeBSD 6.2.5? Message-ID: <20070706191519.6118A267E18@mx.levier.org> In-Reply-To: <20070706003051.GC3557@verio.net> References: <20070705062546.BF688267E13@mx.levier.org> <6e6841490707050611l66b7b705h2889dcaf8a2fc784@mail.gmail.com> <20070705164343.3F2E7267F61@mx.levier.org> <20070706003051.GC3557@verio.net>
next in thread | previous in thread | raw e-mail | index | archive | help
Hi All, At 02:30 06/07/2007, David DeSimone wrote: >Do you mean that you checked the session table (pfctl -ss) before and >after running the pfctl -k command, and you find that the session is not >removed? First, thanks for your help. I finally found the issue... I was pinging indefinitely a host to check barring. Apparently, UDP & TCP are really blocked right after the pfctl -k, but ICMP ping (a ping -t from Windoze) keeps working. Whatever I attempted to do, I did not succeeded setting up a real barring on all ports & protocols. I must now check some other weird protocols as AH/ESP to ensure the HotSpot really bars properly traffic. Brgrds Laurent LEVIER Systems & Networks Senior Security Expert, CISSP CISM
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20070706191519.6118A267E18>