From owner-freebsd-questions@FreeBSD.ORG Sat Mar 12 19:34:22 2005 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id F0B2C16A4CE for ; Sat, 12 Mar 2005 19:34:22 +0000 (GMT) Received: from mail.webjogger.net (mail.webjogger.net [204.8.81.2]) by mx1.FreeBSD.org (Postfix) with ESMTP id 0B63643D39 for ; Sat, 12 Mar 2005 19:34:22 +0000 (GMT) (envelope-from dino@webjogger.net) Received: from shadowfax [10.10.20.22] by mail.webjogger.net (SMTPD32-8.13) id A43B330F0044; Sat, 12 Mar 2005 14:34:19 -0500 Message-ID: <00b501c5273a$7d0679d0$16140a0a@webjogger.net> From: "Mario Antonio" To: Date: Sat, 12 Mar 2005 14:34:20 -0500 MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2800.1409 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1409 Subject: IP Filter Issues in 4.11 X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 12 Mar 2005 19:34:23 -0000 Dear List, I just upgraded a couple of my machines from 4.9 release to 4.11 release, and now I am finding some issues with IP Filters. this is the output of ipf -V: ipf: IP Filter: v3.4.35 (336) Kernel: IP Filter: v3.4.35 Some of the issues I am having are: Before this set of rules worked fine: head/group 10 block out log quick on fxp0 all head 10 pass out quick on fxp0 proto tcp from any to any keep state group 10 pass out quick on fxp0 proto udp from any to any keep state group 10 pass out quick on fxp0 proto icmp from any to any keep state group 10 Now in order to be able to make that machine pingable I have to: pass out quick on fxp0 --> UDP also behaves in a similar way, only TCP works fine. I wonder if somebody has experienced something similar? Regards Mario Antonio --- [This e-mail was scanned for viruses by Webjogger's AntiVirus Protection System]