From owner-freebsd-pf@FreeBSD.ORG Thu Sep 16 03:50:01 2004 Return-Path: Delivered-To: freebsd-pf@freebsd.org Received: by hub.freebsd.org (Postfix, from userid 674) id A2C0016A4CF; Thu, 16 Sep 2004 03:50:01 +0000 (GMT) Delivered-To: mlaier@vampire.homelinux.org Received: (qmail 54352 invoked by uid 1005); 2 Sep 2003 13:34:52 -0000 Delivered-To: max@vampire.homelinux.org Received: (qmail 54349 invoked from network); 2 Sep 2003 13:34:52 -0000 Received: from moutng.kundenserver.de (212.227.126.188) by pd953010a.dip.t-dialin.net with SMTP; 2 Sep 2003 13:34:52 -0000 Received: from [212.227.126.140] (helo=mxng13.kundenserver.de) by moutng.kundenserver.de with esmtp (Exim 3.35 #1) id 19uCCE-0007Nf-00 for max@vampire.homelinux.org; Tue, 02 Sep 2003 16:31:50 +0200 Received: from [206.53.239.180] (helo=turing.freelists.org) by mxng13.kundenserver.de with esmtp (Exim 3.35 #1) id 19uCCB-0005Ja-00 for max@love2party.net; Tue, 02 Sep 2003 16:31:48 +0200 Received: from turing (localhost [127.0.0.1])ESMTP id BFEAF390741; Tue, 2 Sep 2003 09:27:38 -0500 (EST) Received: with ECARTIS (v1.0.0; list pf4freebsd); Tue, 02 Sep 2003 09:27:34 -0500 (EST) Delivered-To: pf4freebsd@freelists.org Received: from moutng.kundenserver.de (moutng.kundenserver.de [212.227.126.184])ESMTP id AA2BA3906E4 for ; Tue, 2 Sep 2003 09:27:33 -0500 (EST) Received: from [212.227.126.155] (helo=mrelayng.kundenserver.de) by moutng.kundenserver.de with esmtp (Exim 3.35 #1) id 19uC80-0007wP-00 for pf4freebsd@freelists.org; Tue, 02 Sep 2003 16:27:28 +0200 Received: from [217.83.1.10] (helo=max900) by mrelayng.kundenserver.de with asmtp (Exim 3.35 #1) id 19uC7y-0002sU-00 for pf4freebsd@freelists.org; Tue, 02 Sep 2003 16:27:26 +0200 Message-ID: <00ce01c3715e$961a0ce0$01000001@max900> From: "Max Laier" To: References: <3F54A3F9.3010101@dequim.ist.utl.pt> <3F54A64B.6090404@dequim.ist.utl.pt> MIME-Version: 1.0 Content-type: text/plain; charset=iso-8859-1 Content-Transfer-Encoding: 8bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2800.1158 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1165 X-archive-position: 140 X-ecartis-version: Ecartis v1.0.0 Sender: pf4freebsd-bounce@freelists.org Errors-To: pf4freebsd-bounce@freelists.org X-original-sender: max@love2party.net Precedence: normal X-list: pf4freebsd X-UID: 255 X-Length: 3588 X-Mailman-Approved-At: Thu, 16 Sep 2004 03:55:52 +0000 Subject: [pf4freebsd] Re: pfaltq-5.1.0.4 problem using fingerprinting X-BeenThere: freebsd-pf@freebsd.org X-Mailman-Version: 2.1.1 Reply-To: pf4freebsd@freelists.org List-Id: Technical discussion and general questions about packet filter (pf) List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Date: Thu, 16 Sep 2004 03:50:01 -0000 X-Original-Date: Tue, 2 Sep 2003 16:29:14 +0200 X-List-Received-Date: Thu, 16 Sep 2004 03:50:01 -0000 > > All seems to be working fine including AltQ integration. Only a minor > > glitch when I do ifconfig. (box reboots... works perfectly fine on > > another 5.1 box. Probably a kernel option. Will do some more research on > > this...) > > > > Anyway, passive fingerprinting may have a bug, > > This is the important rule in question: > > > > #ssh > > pass in on $ext_if proto tcp from any os Windows to $main_ip port 22 > > modulate state queue(interact_bulk,interact_ack) > > > > Without the "os Windows" everything works fine. And I am coming in from > > a Windows box as tcpdump shows: > > To make it clear, it _never_ allows my remote windows box to log in. .. too late for my reply ... can you provide counters (i.e. "pfctl -gvvsr" output)? Please send the whole ruleset if you want us to help. Additonal tcpdump on pflog0 (with some "log spice" in the rule-set) could help as well. I have not seen problems with OSFP and tried it on a very same scenario. Regards, Max