From owner-freebsd-pf@FreeBSD.ORG  Wed Feb  7 08:20:35 2007
Return-Path: <owner-freebsd-pf@FreeBSD.ORG>
X-Original-To: freebsd-pf@freebsd.org
Delivered-To: freebsd-pf@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52])
	by hub.freebsd.org (Postfix) with ESMTP id A429816A401
	for <freebsd-pf@freebsd.org>; Wed,  7 Feb 2007 08:20:35 +0000 (UTC)
	(envelope-from Greg.Hennessy@nviz.net)
Received: from smtp.nildram.co.uk (smtp.nildram.co.uk [195.112.4.54])
	by mx1.freebsd.org (Postfix) with ESMTP id 6B39413C474
	for <freebsd-pf@freebsd.org>; Wed,  7 Feb 2007 08:20:35 +0000 (UTC)
	(envelope-from Greg.Hennessy@nviz.net)
Received: from gw2.local.net (unknown [62.3.210.251])
	by smtp.nildram.co.uk (Postfix) with ESMTP id 80BC42B6BA2
	for <freebsd-pf@freebsd.org>; Wed,  7 Feb 2007 08:20:32 +0000 (GMT)
From: "Greg Hennessy" <Greg.Hennessy@nviz.net>
To: "'Kevin K.'" <freebsd-pf@magma.ca>,
	"'LI Xin'" <delphij@delphij.net>
References: E1HD4Bj-000D25-00.msgs_for_me-mail-ru@f30.mail.ru	<859855731.20070206155625@mail.ru>	<002501c749f3$bb1a1dc0$314e5940$@ca>	<45C885B3.3000508@delphij.net>
	<004601c749f5$8dd0b930$a9722b90$@ca>
	<005301c74a04$b8528990$28f79cb0$@ca>
In-Reply-To: <005301c74a04$b8528990$28f79cb0$@ca>
Date: Wed, 7 Feb 2007 08:20:15 -0000
Message-ID: <001301c74a90$cbef6b80$63ce4280$@Hennessy@nviz.net>
MIME-Version: 1.0
Content-Type: text/plain;
	charset="us-ascii"
Content-Transfer-Encoding: 7bit
X-Mailer: Microsoft Office Outlook 12.0
thread-index: AcdJ9KHf8rjufhFQTL+X6PMPrV8H7wAAMh+wAAObXxAAIxq00A==
Content-Language: en-gb
Cc: freebsd-pf@freebsd.org
Subject: RE: PF & Windows Vista
X-BeenThere: freebsd-pf@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: "Technical discussion and general questions about packet filter
	\(pf\)" <freebsd-pf.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-pf>,
	<mailto:freebsd-pf-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-pf>
List-Post: <mailto:freebsd-pf@freebsd.org>
List-Help: <mailto:freebsd-pf-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-pf>,
	<mailto:freebsd-pf-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 07 Feb 2007 08:20:35 -0000

> I'd like to know if anyone else has experienced something similar with
> Vista and their firewall. I realize it may be something with Vista, but
this
> issue seems to be related with PF firewalls and Vista.
> 

I have ran (and am running ) vista with CTCP enabled and disabled through PF
just fine. 

Silly question, are all your tcp keep state rules establishing state on
flags S/SA only ? 

What's the default block log all rule telling you regarding the connection ?


Have you tcpdumped an incoming session from that system through both ingress
and egress interfaces to see what's happening ? 

Greg