Date: Fri, 4 Jun 2021 19:51:27 +0100
From: Pete French <petefrench@ingresso.co.uk>
To: Doug Hardie <bc979@lafn.org>
Cc: stable@freebsd.org
Subject: Re: pf starts blocking all traffic after a short while
Message-ID: <5d544cc9-26b1-51fd-13a9-02d181cfba80@ingresso.co.uk>
In-Reply-To: <B8219F01-CA23-4003-B96A-233BAFFF0246@sermon-archive.info>
References: <E1lp6Mt-000Nhj-V7@dilbert.ingresso.co.uk> <f70dbbd8cec0ea0f2490ff6842c94975@bsdforge.com> <B8219F01-CA23-4003-B96A-233BAFFF0246@sermon-archive.info>

On 04/06/2021 18:03, Doug Hardie wrote:

> What IP address is the client you SSH from using? I get the impression
> that it is not one of the private IP addresses listed in the rules. If
> that is the case, there is no rule for incoming SSH from public IPs.
> Hence, the default block all will apply. I suspect you need another rule
> like "pass in quick port 22 all keep state". I understand "keep state" is
> the default and doesn't need to be included on each rule.

Client IP address is 2001:470:6cc4:1:cd6:5836:ddba:7b54 so it should be caught by this rule:

    pass in inet6 from 2001:470:6cc4::/48 to any flags S/SA keep state

Indeed ssh works fine for the first five minutes or so after the machine boots, but then it just stops passing packets (of both IPv4 and IPv6).

Am wondering if this is something to do with the AWS firewall maybe? I can't tell *where* the packets are being stopped. Anyone else using AWS?

-pete.