Date: Fri, 9 Jul 2010 23:36:39 +0200 From: "Len Conrad" <lconrad@Go2France.com> To: <freebsd-pf@freebsd.org> Subject: Subject: pf: pass in quick to port 25 still getting blocks Message-ID: <201007092336.AA320012590@mail.Go2France.com>
next in thread | raw e-mail | index | archive | help
pf doing host security not a whole of rules, and all is working well. an early rule is: pass in quick on $ext_if inet proto tcp from any to $ext_if port smtp keep state and the last rule is: block in log on $ext_if from any to $ext_if, which logs as: rule 33/0(match) in spite of the pass in smtp, rule 33 is still blocking several 1000 SMTP accesses/day, eg: rule 33/0(match): block in on em0: 74.120.242.172.57093 > x.x.x.x.25: . ack 50 win 46 <nop,nop,timestamp 727203637 3292309473> rule 33/0(match): block in on em0: 94.179.232.111.8364 > x.x.x.x.25: P 0:6(6) ack 1 win 65438 where the text after the 25: has several different formats. How is any port 25 access not being passed by the pass smtp rule? Len
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201007092336.AA320012590>