From: Kay Abendroth
Date: Tue, 22 Feb 2005 13:27:43 +0000
To: pf@FreeBSD.org
Subject: Re: Stumped with pf.conf

Odhiambo Washington wrote:
> I am a newbie to PF, running on FreeBSD 5.3-STABLE.
> I would like some critique of the following pf.conf, which I am using,
> but which appears to have a loophole! Some folk is accessing my port
> 8080, which I am thinking I have only opened to 62.8.64.0/19.

[...]

How do you know some are accessing? The only thing you actually log is
the traffic blocked by this rule:

    block in log quick on $ext_if inet proto tcp from any to any flags S/SAFR

Kay