PF problems

Previous message: [thread] [date] [author]
Next message: [thread] [date] [author]

To: <misc@...>

Date: Wednesday, December 5, 2007 - 11:02 am

I have the following rule in pf.
pass in quick from 10.1.100.210 to any

Here the result of pfctl -sr
pass in quick inet from 10.1.100.210 to any flags S/SA keep state

But the connection is being blocked by pf, follows log of pflog0:
Dec 02 06:58:58.343862 rule 0/(match) [uid 0, pid 23271] block in on
bge1: 10.1.100.210.8080 > 10.1.1.78.4899: S [tcp sum ok]
423727301:423727301(0) win 16384 (DF) (ttl
111, id 54108, len 48)

This ip 10.1.100.210 is my proxy server, This network this in vlan0.

My rule is being ignored and the connection is being blocked by the
default block rule:
block in log all

But these rules work well in OpenBSD 4.0

Previous message: [thread] [date] [author]
Next message: [thread] [date] [author]

Messages in current thread:

PF problems, Kleber Rocha, (Wed Dec 5, 11:02 am)

Re: PF problems, Stuart Henderson, (Wed Dec 5, 11:20 am)


linux-kernel:
Greg KH	Re: Dual-Licensing Linux Kernel with GPL V2 and GPL V3
Greg Kroah-Hartman	[PATCH 001/196] Chinese: Add the known_regression URI to the HOWTO
Andy Whitcroft	clam
Ingo Molnar	[patch] paravirt: VDSO page is essential
git:

linux-netdev:
David Miller	Re: [PATCH] pkt_sched: Destroy gen estimators under rtnl_lock().
Gerrit Renker	[PATCH 27/37] dccp: Integration of dynamic feature activation - part 2 (server side)
Lovich, Vitali	RE: [PATCH] Packet socket: mmapped IO: PACKET_TX_RING
David Miller	[GIT]: Networking
openbsd-misc: