Date: Wed, 2 Mar 2005 02:47:53 +0100 From: Max Laier <max@love2party.net> To: freebsd-pf@freebsd.org Subject: Re: Whats wrong with this ruleset? Message-ID: <200503020248.01088.max@love2party.net> In-Reply-To: <4224F74B.1030502@trini0.org> References: <4224F74B.1030502@trini0.org>
next in thread | previous in thread | raw e-mail | index | archive | help
--nextPart2193814.uip7lUt62x Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable Content-Disposition: inline On Wednesday 02 March 2005 00:14, Gerard Samuel wrote: > For some reason, port 53 is blocked going out of the external interface -> > 000000 rule 0/0(match): block out on ed0: IP xx.xxx.xxx.xx.53 > > xx.xx.xx.xxx.4973 > > Im still new to pf, but shouldn't the last two lines allow anything > going out > to pass?? > Any ideas on how to fix? Can you send the output of "$pfctl -vsr" after some packets have been block= ed? =20 The match counters are extremely helpful when debugging such problems. =2D-=20 /"\ Best regards, | mlaier@freebsd.org \ / Max Laier | ICQ #67774661 X http://pf4freebsd.love2party.net/ | mlaier@EFnet / \ ASCII Ribbon Campaign | Against HTML Mail and News --nextPart2193814.uip7lUt62x Content-Type: application/pgp-signature -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.0 (FreeBSD) iD8DBQBCJRtRXyyEoT62BG0RAkeOAJ0WM9JX2LVy+EHuQsoO+5GHljBsHACeIB/f m2hDRXFbDCSo8Bla13kL8Us= =Iqnr -----END PGP SIGNATURE----- --nextPart2193814.uip7lUt62x--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200503020248.01088.max>