Date:      Wed, 16 Mar 2022 18:14:57 +0200
From:      skeletor <skeletor@lissyara.su>
To:        freebsd-pf@freebsd.org
Subject:   Question about synproxy
Message-ID:  <cccf3ff8-c4a3-be4c-af6a-df9398d24be3@lissyara.su>

Hi.
Could anybody explain to me why synproxy doesn't work in this rule?

# pfctl -sr -v
pass in quick on vmx0 inet proto tcp from any to 10.5.0.5 port = 2211 flags S/SA synproxy state
   [ Evaluations: 1777      Packets: 0         Bytes: 0           States: 1     ]
   [ Inserted: uid 0 pid 75209 State Creations: 2     ]
pass all flags S/SA keep state
   [ Evaluations: 1775      Packets: 2885      Bytes: 288624      States: 194   ]
   [ Inserted: uid 0 pid 75209 State Creations: 1375  ]

I have an OpenSSH server on port 2211:

# sockstat | grep 2211
root     sshd       841   3  tcp6   *:2211                *:*
root     sshd       841   4  tcp4   *:2211                *:*

In tcpdump I see packets between the hosts, but the connection can't be
established. Maybe I am using synproxy wrongly?

My goal is to use synproxy for connecting to the ssh server (which is on
this host, where the pf rules are). Or is it not for this purpose?

Thanks.


