From owner-freebsd-pf@FreeBSD.ORG Thu Jul 28 07:40:28 2005 Return-Path: X-Original-To: freebsd-pf@freebsd.org Delivered-To: freebsd-pf@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 6261916A41F for ; Thu, 28 Jul 2005 07:40:28 +0000 (GMT) (envelope-from mbraak@xs4all.nl) Received: from smtp-vbr9.xs4all.nl (smtp-vbr9.xs4all.nl [194.109.24.29]) by mx1.FreeBSD.org (Postfix) with ESMTP id C8CB343D45 for ; Thu, 28 Jul 2005 07:40:27 +0000 (GMT) (envelope-from mbraak@xs4all.nl) Received: from [127.0.0.1] (sid.xs4all.nl [213.84.12.132]) (authenticated bits=0) by smtp-vbr9.xs4all.nl (8.13.3/8.13.3) with ESMTP id j6S7eEuX024589; Thu, 28 Jul 2005 09:40:16 +0200 (CEST) (envelope-from mbraak@xs4all.nl) Message-ID: <42E88BEC.4060007@xs4all.nl> Date: Thu, 28 Jul 2005 09:40:28 +0200 From: Marcel Braak User-Agent: Mozilla Thunderbird 1.0.6 (Windows/20050716) X-Accept-Language: en-us, en MIME-Version: 1.0 To: "Melameth, Daniel D." References: <31BA35C490DBFC40B5C331C7987835AE61236C@mbafmail.internal.mba-cpa.com> In-Reply-To: <31BA35C490DBFC40B5C331C7987835AE61236C@mbafmail.internal.mba-cpa.com> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-Virus-Scanned: by XS4ALL Virus Scanner Cc: pf@benzedrine.cx, freebsd-pf@freebsd.org Subject: Re: pinging same host on the internet from two different LAN stations X-BeenThere: freebsd-pf@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Technical discussion and general questions about packet filter \(pf\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 28 Jul 2005 07:40:28 -0000 Melameth, Daniel D. wrote: >Pejman Moghadam wrote: > > >>Melameth, Daniel D. wrote : >> >> >>>FWIW, while I haven't looked into this in detail, it appears Windows >>>clients always use the same ICMP ID--512... >>> >>> >>I think this is right, beacuse of this state entry : >> >>self icmp 192.168.1.18:512 -> 1.2.3.4:512 -> 192.9.9.3:512 0:0 >> >>but i have not any problem with windows clients when i use ipfw in >>freebsd or even iptables in linux. >>why same ICMP ID(512) is so important for PF? how can i deal with >>that ? >> >> > >I don't know the specifics of any other these packet filters and haven't >looked at any code, but I'd speculate that ipfw and iptables are >proxying these ICMP IDs in some capacity similar to the way TCP ports >are proxied and pf is just using the ICMP ID that is provided by the >client. > >Then again, I could be very wrong. > >Danny > > > > I have ran into this issue two days ago also. We have a monitoring server that monitors a couple of server by sending pings, and is informing me when a server isn't reachable by sending me a sms. But when an other hosts pings one of the servers the monitoring server can't ping the server anymore and is sending me a sms. In this case the server isn't down.. Before i had a linux/iptables firewall box that doesn't have this problem. I hope there's a fix for PF cause i think this is a very anoying issue. Marcel