Date: Thu, 04 Aug 2005 18:48:23 +0100
From: Rod <rod@supanet.net.uk>
To: freebsd-pf@freebsd.org
Subject: PF, SSH closed by remote host
Message-ID: <1123177703.24009.29.camel@torgau.office.netline.net.uk>
Hi,
I was wondering if anyone has come across this before.
I'm running FreeBSD 5.4-RELEASE running PF from rc.conf. I ssh into this
box as a non-root user then su. On doing a ps -auwx I instantly get
disconnected with Connection to 192.168.2.3 closed by remote host.
Connection to 192.168.2.3 closed.
If I disable PF everything is fine (pfctl -d).
e.g. :
lfs2# ps -auwx
USER PID %CPU %MEM VSZ RSS TT STAT STARTED TIME COMMAND
root 11 99.0 0.0 0 8 ?? RL 4:48PM 152:49.91 [idle]
root 0 0.0 0.0 0 0 ?? DLs 4:48PM 0:00.01 [swapper]Connection to 192.168.2.3 closed by remote host.
Connection to 192.168.2.3 closed.
rc.conf :
# Packet Filtering
pf_enable="YES" # Enable PF (load module if required)
pf_rules="/etc/pf.conf" # rules definition file for pf
pf_flags="" # additional flags for pfctl startup
pflog_enable="YES" # start pflogd(8)
pflog_logfile="/var/log/pflog" # where pflogd should store the logfile
pflog_flags="" # additional flags for pflogd startup
This is my pf.conf :
ext_if="em0"
external_addr="192.168.2.3"
box_admins = "{192.168.2.8 192.168.2.9 192.168.20 192.168.45}"
set fingerprints "/etc/pf.os"
set block-policy drop
scrub in all
block in all
block out all
block in log all
#Allow Admins
pass in on $ext_if from $box_admins to any
#icmp, ping etc
pass in on $ext_if proto icmp all
#allow outbound and keep states
pass out on $ext_if proto { tcp, udp, icmp } all keep state
Have tried lists, Google and multiple different variations of the above
pf.conf but it's still happening. Any suggestions?
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?1123177703.24009.29.camel>
