Date:      Tue, 28 Jul 2009 16:35:13 +0200
From:      Erik Norgaard <norgaard@locolomo.org>
To:        Jay Hall <jhall@socket.net>
Cc:        freebsd-questions@freebsd.org
Subject:   Re: ipf rules question
Message-ID:  <4A6F0CA1.4060904@locolomo.org>
In-Reply-To: <4A6F0C25.7040400@locolomo.org>
References:  <0E15E941-3CC2-4C9B-BAF2-C8910F7592ED@socket.net> <4A6F0C25.7040400@locolomo.org>

Erik Norgaard wrote:
> Jay Hall wrote:
>> And, following is the output from ipfstat showing the relevant rule(s).
>>
>> @140 block in quick proto tcp from 82.0.0.0/8 to any port = smtp
>>
> Evidently, things get passed by some other rule; you can get a clue by
> adding the log action to all rules passing packets to port 25 or any port.

And, by the way, in ip-filter it is a really good idea to add a default
rule explicitly, always specify the network interface, and use groups to
organize and optimize your ruleset.

BR, Erik
-- 
Erik Nørgaard
Ph: +34.666334818/+34.915211157                  http://www.locolomo.org
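
The advice in this message, written out as an added example ruleset (not part of the original e-mail and not the poster's configuration). The interface name em0 and the group numbers 100 and 150 are assumptions; only the 82.0.0.0/8 smtp block comes from the thread.

```conf
# Example ipf ruleset. ASSUMPTIONS: em0 is the external interface,
# groups 100/150 are arbitrary numbers chosen for this example.

# Loopback traffic is never filtered.
pass in  quick on lo0 all
pass out quick on lo0 all

# Explicit default rules: ipf uses the last matching rule unless
# "quick" is set, so these apply to anything no later rule matches.
block in  log all
block out log all

# One group per interface and direction. Packets on em0 are evaluated
# against the group's rules only; if none matches, the head rule's
# block applies.
block in  log on em0 all head 100
block out log on em0 all head 150

# Group 100: inbound on em0.
# The block from the thread goes before any pass rule for smtp, so no
# earlier "pass ... quick" can let the packet through first.
block in log quick on em0 proto tcp from 82.0.0.0/8 to any port = smtp group 100

# Every rule that passes traffic to port 25 carries "log", so the log
# shows which rule actually let a connection in.
pass in log quick on em0 proto tcp from any to any port = smtp flags S keep state group 100

# Group 150: outbound on em0, stateful.
pass out quick on em0 proto tcp from any to any flags S keep state group 150
pass out quick on em0 proto udp from any to any keep state group 150
pass out quick on em0 proto icmp from any to any keep state group 150
```

With log set on the smtp rules, each ipmon log line carries the group and rule number that matched, and `ipfstat -hin` shows per-rule hit counts for the inbound list.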


