Date: Tue, 22 Feb 2005 17:29:33 +0100
From: Hexren <me@hexren.net>
To: Odhiambo Washington <wash@wananchi.com>
Cc: pf@FreeBSD.org
Subject: Re[2]: Stumped with pf.conf
Message-ID: <1242093159.20050222172933@hexren.net>
In-Reply-To: <20050222135804.GL52536@ns2.wananchi.com>
References: <20050222124942.GG52536@ns2.wananchi.com> <421B334F.8080008@raxion.net> <20050222135804.GL52536@ns2.wananchi.com>

OW> * Kay Abendroth <kay.abendroth@raxion.net> [20050222 16:28]: wrote:
>> Odhiambo Washington wrote:
>> >I am a newbie to PF, running on FreeBSD 5.3-STABLE.
>> >I would like some critique of the following pf.conf, which I am using,
>> >but which appears to have a loophole! Some folk is accessing my port
>> >8080, which I am thinking I have only opened to 62.8.64.0/19.
>> [...]
>>
>>
>> How do you know some are accessing? The only thing you actually log is
>> the traffic blocked by this rule:
>>
>> block in log quick on $ext_if inet proto tcp from any to any flags S/SAFR

OW> Hi Kay,

OW> I have an application running on port 8080 of this box. That
OW> application logs the IPs of machines accessing it, and I can see a
OW> foreign IP accessing that service.

OW> What I meant to say is that "the filter is NOT working as expected by
OW> blocking access to disallowed hosts".

OW> If you'd like to test accessing the box on that port, go ahead and
OW> set your proxy settings to 62.8.64.13:8080 and try going to badboys.com

---------------------------------------------

Looking over it I can't see any obvious mistakes. Have you enabled pf
(e.g. done "pfctl -e")? And can you provide the output of "pfctl -sr"?

A good way to narrow your problem down would be to log all rules that
pass and see which one lets outside connections in.

Hexren
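
The narrowing-down step suggested in the message above, as an added example that is not part of the original e-mail: it reads pflog lines and reports which pass rule admitted connections to port 8080 from sources outside 62.8.64.0/19. It assumes the pass rules carry the `log` keyword and that the log was rendered with `tcpdump -n -e -ttt -r /var/log/pflog`; the sample lines, interface name, rule numbers and outside addresses are constructed.

```python
import ipaddress
import re

ALLOWED_NET = ipaddress.ip_network("62.8.64.0/19")  # range named in the thread
SERVICE_PORT = 8080                                  # port named in the thread

# Assumed line shape of tcpdump -n -e output for pflog:
#   <ts> rule 7/0(match): pass in on fxp0: SRC.sport > DST.dport: ...
PFLOG_RE = re.compile(
    r"rule (?P<rule>\d+)[^(]*\(match\): (?P<action>pass|block) "
    r"(?P<dir>in|out) on \S+: "
    r"(?P<src>\d+(?:\.\d+){3})\.\d+ > \d+(?:\.\d+){3}\.(?P<dport>\d+):"
)

# Constructed sample log (not taken from the poster's machine).
SAMPLE_LOG = """\
00:00:01.000000 rule 4/0(match): pass in on fxp0: 62.8.70.21.51515 > 62.8.64.13.8080: S 1:1(0) win 65535
00:00:02.000000 rule 7/0(match): pass in on fxp0: 198.51.100.23.40211 > 62.8.64.13.8080: S 2:2(0) win 65535
00:00:03.000000 rule 2/0(match): block in on fxp0: 203.0.113.9.33000 > 62.8.64.13.22: S 3:3(0) win 65535
00:00:04.000000 rule 7/0(match): pass in on fxp0: 198.51.100.77.40212 > 62.8.64.13.8080: S 4:4(0) win 65535
"""


def leaking_rules(log_text, allowed=ALLOWED_NET, port=SERVICE_PORT):
    """Map rule number -> sorted outside source IPs that were passed in to `port`."""
    hits = {}
    for line in log_text.splitlines():
        m = PFLOG_RE.search(line)
        if not m or m["action"] != "pass" or m["dir"] != "in":
            continue  # only inbound packets that a rule let through
        if int(m["dport"]) != port:
            continue
        try:
            src = ipaddress.ip_address(m["src"])
        except ValueError:
            continue  # malformed address in the log line
        if src in allowed:
            continue  # expected traffic from the permitted range
        hits.setdefault(int(m["rule"]), set()).add(str(src))
    return {rule: sorted(srcs) for rule, srcs in hits.items()}


if __name__ == "__main__":
    for rule, sources in leaking_rules(SAMPLE_LOG).items():
        print(f"rule {rule} passed port {SERVICE_PORT} from outside {ALLOWED_NET}: {sources}")
```

The rule numbers reported here correspond to the `@N` numbers printed by `pfctl -vvsr`, which identifies the pass rule to tighten.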
