[Dshield] OpenBSD 3.1/pf

millerbn millerbn at chiba.dhs.org
Sun Aug 4 18:05:12 GMT 2002


On Sat, 3 Aug 2002 22:56:11 +0200, you wrote:

>On Sat, Aug 03, 2002 at 02:00:21PM -0500, millerbn wrote:
>>pass in quick on $external inet proto tcp from any to any port $services flags S/SA keep state
>
>In as comming from the network going IN to the interface.
>
>>The mail log does show that there was an outgoing email to the
>
>"outgoing mail", so the rule you show does not match the blocked
>traffic.
>
>Send your full pf.conf and nat.conf and someone might be able to
>help you. And maybe this is better on misc at openbsd.org ?
>
>
Guess I should have included "return" between legitimate traffic in the prior message. The timestamps for outgoing mail logs preceeded the pf logs and they were blocked coming in to the interface.
I assumed most of the readers were used to firewall logs and might be quicker at spotting latent packets, which was my first guess - just wanted a little reassurance; also hoped someone would spot 
a mistake that I had missed if there was one.




More information about the list mailing list