Date: Mon, 27 Feb 2012 17:27:58 -0800 (PST)
From: csbender <csbender@bellsouth.net>
To: freebsd-pf@freebsd.org
Subject: PF issue (rule match but rule fails)
Message-ID: <1330392478.216.YahooMailRC@web180716.mail.sp1.yahoo.com>
Hi Folks, it is great to join you. I am pretty new to the world of PF so please excuse some ignorance, at least for now. I have PF running on FreeBSD 8.2. Here is my issue... I have an SMTP rule allowing traffic in and out for certain networks. Some SMTP traffic fails, even though I see a rule match, and I have no idea why.

Evidence... Here I am sending email from a network which comes across the FW. Here is the tcpdump:

# tcpdump -ni bge0 host 10.156.81.10 and port 25
tcpdump: listening on bge0, link-type EN10MB
14:26:50.220591 10.156.81.10.60809 > 172.19.4.41.25: S 3154136673:3154136673(0) win 64240 <mss 1260,nop,nop,nop,nop,nop,nop,nop,nop,nop,nop,nop,nop,nop,nop,nop,nop,nop> (DF) [tos 0xb8]
14:26:50.244314 10.156.81.10.60809 > 172.19.4.41.25:R 3154136674:3154136735(61) ack 1245040067 win 0 (DF) [tos 0xb8]
14:27:11.233494 10.156.81.10.60809 > 172.19.4.41.25: S 3154136673:3154136673(0) win 64240 <mss 1260,nop,nop,nop,nop,nop,nop,nop,nop,nop,nop,nop,nop,nop,nop,nop,nop,nop> (DF) [tos 0xb8]
14:27:11.245057 10.156.81.10.60809 > 172.19.4.41.25:R 0:61(61) ack 1 win 0 (DF) [tos 0xb8]

From the above it is easy to see traffic isn't passing. Below is the rule that this traffic should be matching:

pass log quick inet proto tcp from <tbl.r0.d> to any port = smtp flags any modulate state label "RULE 1 -- ACCEPT "

First question... what command can I run to verify that the rule above is pertaining to the traffic above? Secondly... what else could be squashing this SMTP traffic? It all works well when pfctl is -d. Do I need to pass my rules?

Thanks folks in advance
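As an added example (not from the poster or the FreeBSD project), a small parser for the old-style tcpdump lines quoted above that groups packets per connection attempt and reports whether the SYN, the SYN-ACK and the client's ACK were all seen on the capture interface, which is the first thing to establish before looking at rule counters. The sample input is the post's four packets plus a constructed, completed handshake from a hypothetical second host (10.156.81.11) for contrast.

```python
import re

# Constructed sample: the post's four tcpdump lines plus a constructed completed handshake.
SAMPLE = """\
14:26:50.220591 10.156.81.10.60809 > 172.19.4.41.25: S 3154136673:3154136673(0) win 64240 <mss 1260> (DF) [tos 0xb8]
14:26:50.244314 10.156.81.10.60809 > 172.19.4.41.25:R 3154136674:3154136735(61) ack 1245040067 win 0 (DF) [tos 0xb8]
14:27:11.233494 10.156.81.10.60809 > 172.19.4.41.25: S 3154136673:3154136673(0) win 64240 <mss 1260> (DF) [tos 0xb8]
14:27:11.245057 10.156.81.10.60809 > 172.19.4.41.25:R 0:61(61) ack 1 win 0 (DF) [tos 0xb8]
14:30:00.000000 10.156.81.11.40000 > 172.19.4.41.25: S 1:1(0) win 64240 <mss 1460> (DF)
14:30:00.010000 172.19.4.41.25 > 10.156.81.11.40000: S. 9:9(0) ack 2 win 65535 <mss 1460> (DF)
14:30:00.020000 10.156.81.11.40000 > 172.19.4.41.25: . ack 1 win 64240 (DF)
"""

# FreeBSD 8 era tcpdump TCP line: "ts src.port > dst.port: FLAGS ..." (tolerates the "25:R" spacing)
LINE_RE = re.compile(r"^\S+\s+(\S+)\.(\d+)\s+>\s+(\S+)\.(\d+):\s*([SRPF.]+)\s")

def parse_packets(text):
    """Return (src, sport, dst, dport, flags) for every line that parses."""
    pkts = []
    for line in text.splitlines():
        m = LINE_RE.match(line)
        if m:
            src, sp, dst, dp, flags = m.groups()
            pkts.append((src, int(sp), dst, int(dp), flags))
    return pkts

def handshake_report(text):
    """Per connection attempt (client, cport, server, sport): 'completed' if SYN,
    SYN-ACK and client ACK were all captured; 'rst_no_synack' if the client sent
    RST but no SYN-ACK was seen on this interface; 'no_reply' if only SYNs."""
    flows = {}
    for src, sp, dst, dp, flags in parse_packets(text):
        fwd, rev = (src, sp, dst, dp), (dst, dp, src, sp)
        if flags == "S":                  # client SYN opens (or retries) a flow
            flows.setdefault(fwd, []).append(("client", flags))
        elif fwd in flows:
            flows[fwd].append(("client", flags))
        elif rev in flows:
            flows[rev].append(("server", flags))
    report = {}
    for key, pkts in flows.items():
        synack = any(s == "server" and "S" in f for s, f in pkts)
        rst = any(s == "client" and "R" in f for s, f in pkts)
        ack = any(s == "client" and f != "S" and "R" not in f for s, f in pkts)
        if synack and ack:
            report[key] = "completed"
        elif rst:
            report[key] = "rst_no_synack"
        else:
            report[key] = "no_reply"
    return report
```

A flow reported as rst_no_synack means the capture interface never saw the server's reply, so the next step is to capture on the other interfaces (and on pflog0 for the logged rule) rather than to read the rule again.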