Date: Mon, 1 Aug 2005 02:35:14 +0200 From: Tilman Linneweh <arved@arved.at> To: Max Laier <max@love2party.net> Cc: freebsd-pf@freebsd.org, Tilman Linneweh <arved@arved.at> Subject: Re: PF on 6.0 and ICQ Message-ID: <d9afe7bfb8e964e16ccde0a3faa48f11@arved.at> In-Reply-To: <200507311914.03774.max@love2party.net> References: <c31937ef582c09322bd67c932e176602@arved.at> <200507311914.03774.max@love2party.net>
next in thread | previous in thread | raw e-mail | index | archive | help
Am 31.07.2005 um 19:13 schrieb Max Laier: >> 17:45:37.874576 IP (tos 0x0, ttl 62, id 63520, offset 0, flags [DF], >> proto: TCP (6), length: 44) 192.168.1.24.49231 > 205.188.7.248.5190: >> S, >> cksum 0x7097 (correct), 920618149:920618149(0) win 65535 <mss 1460> >> >> Anyone got an idea, why this traffic doesn't match the pass rules >> anymore? > > Can you add a "-e" when tcpdump'ing pflog so it shows the reason for > the drop > (i.e. what rule was matched etc.)? Thanks, this helped a lot. It turns out, that the firewall was trying to connect to this specific IP via the $int_if instead of the $ext_if, although the routing table displayed by netstat -r looked sane and had no special entry for this IP. I decided to reboot the box, and now ICQ works again. regards tilman
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?d9afe7bfb8e964e16ccde0a3faa48f11>