Date: Tue, 22 Feb 2005 17:29:33 +0100
From: Hexren <me@hexren.net>
To: Odhiambo Washington <wash@wananchi.com>
Cc: pf@FreeBSD.org
Subject: Re[2]: Stumped with pf.conf
Message-ID: <1242093159.20050222172933@hexren.net>
In-Reply-To: <20050222135804.GL52536@ns2.wananchi.com>
References: <20050222124942.GG52536@ns2.wananchi.com> <421B334F.8080008@raxion.net> <20050222135804.GL52536@ns2.wananchi.com>

OW> * Kay Abendroth <kay.abendroth@raxion.net> [20050222 16:28]: wrote:
>> Odhiambo Washington wrote:
>> >I am a newbie to PF, running on FreeBSD 5.3-STABLE.
>> >I would like some critique of the following pf.conf, which I am using,
>> >but which appears to have a loophole! Some folk is accessing my port
>> >8080, which I am thinking I have only opened to 62.8.64.0/19.
>> [...]
>>
>>
>> How do you know some are accessing? The only thing you actually log is
>> the traffic blocked by this rule:
>>
>> block in log quick on $ext_if inet proto tcp from any to any flags S/SAFR

OW> Hi Kay,

OW> I have an application running on port 8080 of this box. That
OW> application logs the IPs of machines accessing it, and I can see a
OW> foreign IP accessing that service.

OW> What I meant to say is that "the filter is NOT working as expected by
OW> blocking access to disallowed hosts".

OW> If you'd like to test accessing the box on that port, go ahead and
OW> set your proxy settings to 62.8.64.13:8080 and try going to badboys.com

---------------------------------------------

Looking over it I can't see any obvious mistakes.
Have you enabled pf, (e.g. done "pfctl -e") ?
And can you provide the output of "pfctl -sr".
A good way to narrow your problem down would be to log all rules that
pass and see which one lets outside connections in.

Hexren
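
Added example, not part of the original message: one way to follow the suggestion above to log every pass rule, as a Python helper that inserts the "log" keyword into each pass rule of a pf.conf. The sample ruleset (interface name, port 22 rule, exact rule wording) is constructed; the poster's actual pf.conf is not shown on this page.

```python
# Added example. Input is a constructed ruleset, not the poster's pf.conf.

def add_log_to_pass_rule(rule):
    """Insert 'log' into one pf rule if it is a pass rule without logging.

    pf rule grammar starts: action [in|out] [log] [quick] [on ifspec] ...
    """
    tokens = rule.split()
    if not tokens or tokens[0] != "pass":
        return rule                      # block rules, macros, options: untouched
    pos = 2 if len(tokens) > 1 and tokens[1] in ("in", "out") else 1
    if len(tokens) > pos and tokens[pos].startswith("log"):
        return rule                      # already 'log' (or the older 'log-all')
    tokens.insert(pos, "log")
    return " ".join(tokens)


def log_all_pass_rules(conf_text):
    """Return (new_text, changed_line_numbers) for a pf.conf given as text."""
    out, changed = [], []
    for lineno, line in enumerate(conf_text.splitlines(), start=1):
        # Assumption: '#' only ever starts a comment (none inside quoted strings).
        code, sep, comment = line.partition("#")
        new_code = add_log_to_pass_rule(code)
        if new_code != code:
            changed.append(lineno)
            if sep:
                new_code += " "          # keep a space before the comment
        out.append(new_code + sep + comment)
    return "\n".join(out) + "\n", changed


# Constructed sample: one block rule quoted on the page plus invented pass rules.
SAMPLE_CONF = """\
ext_if = "fxp0"   # constructed interface name
block in log quick on $ext_if inet proto tcp from any to any flags S/SAFR
pass in quick on $ext_if inet proto tcp from 62.8.64.0/19 to any port 8080 keep state
pass in log on $ext_if inet proto tcp from any to any port 22 keep state
pass out on $ext_if all keep state  # outbound
"""

if __name__ == "__main__":
    new_text, changed = log_all_pass_rules(SAMPLE_CONF)
    print(new_text, end="")
    print("rules that gained 'log': lines", changed)
```

Check the rewritten file with "pfctl -nf" before loading it, then watch "tcpdump -n -e -ttt -i pflog0" while the foreign host connects to port 8080. The rule number tcpdump prints for that connection identifies the pass rule that let it in, and can be looked up in the numbered listing from "pfctl -vvsr".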