From owner-freebsd-questions@FreeBSD.ORG  Mon Sep 19 21:20:12 2005
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
X-Original-To: freebsd-questions@freebsd.org
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id CF09B16A41F
	for <freebsd-questions@freebsd.org>;
	Mon, 19 Sep 2005 21:20:12 +0000 (GMT)
	(envelope-from norgaard@locolomo.org)
Received: from strange.daemonsecurity.com (62-15-217-181.inversas.jazztel.es
	[62.15.217.181])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 4DB0643D48
	for <freebsd-questions@freebsd.org>;
	Mon, 19 Sep 2005 21:20:12 +0000 (GMT)
	(envelope-from norgaard@locolomo.org)
Received: from [192.168.0.64] (unknown [192.168.0.64])
	by strange.daemonsecurity.com (Postfix) with ESMTP id AE1062E01E;
	Mon, 19 Sep 2005 23:20:10 +0200 (CEST)
Message-ID: <432F2B89.9000305@locolomo.org>
Date: Mon, 19 Sep 2005 23:20:09 +0200
From: =?ISO-8859-1?Q?Erik_N=F8rgaard?= <norgaard@locolomo.org>
Organization: Locolomo.ORG
User-Agent: Mozilla Thunderbird 1.0.6 (X11/20050909)
X-Accept-Language: en-us, en
MIME-Version: 1.0
To: jonas <jonas.de.buhr@gmx.net>
References: <20050919172642.45408cf9@localhost>
	<432EDE1D.2050107@locolomo.org>	<20050919192954.6ac0e9a9@localhost>
	<20050919193553.25dd0afd@localhost>
In-Reply-To: <20050919193553.25dd0afd@localhost>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
Cc: freebsd-questions@freebsd.org
Subject: Re: problem with IPF rules - (problem solved but i'm still confused)
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Mon, 19 Sep 2005 21:20:12 -0000

jonas wrote:
> adding a 'keep state' to the 'pass in'-rules solved this problem.
> but i still do not understand why it didn't work before, because
> outgoing traffic was allowed with
> "pass out quick on ng0 from any to any keep state"
> i'ld really prefer to know what's going on there :)
> 
> any ideas?

It would help if you would post your ruleset and not the readout, it's 
easier to read. Secondly, it is posible to compile ipf with default 
block - post the default action also.

Cheers, Erik


-- 
Ph: +34.666334818                           web: http://www.locolomo.org
S/MIME Certificate: http://www.locolomo.org/crt/2004071206.crt
Subject ID:  A9:76:7A:ED:06:95:2B:8D:48:97:CE:F2:3F:42:C8:F2:22:DE:4C:B9
Fingerprint: 4A:E8:63:38:46:F6:9A:5D:B4:DC:29:41:3F:62:D3:0A:73:25:67:C2