pf doing host security

Not a whole lot of rules, and all is working well.

an early rule is:

pass in quick on $ext_if inet proto tcp from any to $ext_if port smtp keep state

and the last rule is:

block in log on $ext_if from any to $ext_if

which logs as:

rule 33/0(match)

In spite of the pass in smtp, rule 33 is still blocking several 1000 SMTP accesses/day, e.g.:

rule 33/0(match): block in on em0: 74.120.242.172.57093 > x.x.x.x.25: . ack 50 win 46 <nop,nop,timestamp 727203637 3292309473>

rule 33/0(match): block in on em0: 94.179.232.111.8364 > x.x.x.x.25: P 0:6(6) ack 1 win 65438

where the text after the 25: has several different formats.

How is any port 25 access not being passed by the pass smtp rule?

Len

_______________________________________________
[email protected] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-pf
To unsubscribe, send any mail to "[email protected]"
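
Added example, not part of the original post: a small Python tally of pflog lines in the format quoted above, grouping blocked port-25 packets by their TCP flags field so it is visible whether they are connection-opening SYNs or segments without SYN. The function names and the one-packet-per-line input are assumptions; the sample lines are the two from the post, unwrapped.

```python
import re
from collections import Counter

# Sample input: the two log lines quoted in the post, joined back onto one line each.
SAMPLE = """\
rule 33/0(match): block in on em0: 74.120.242.172.57093 > x.x.x.x.25: . ack 50 win 46 <nop,nop,timestamp 727203637 3292309473>
rule 33/0(match): block in on em0: 94.179.232.111.8364 > x.x.x.x.25: P 0:6(6) ack 1 win 65438
"""

# rule N/0(match): <action> <dir> on <if>: <src>.<sport> > <dst>.<dport>: <tcp flags> ...
# Non-TCP lines have no flags field in this position and simply do not match.
LINE = re.compile(
    r"rule (?P<rule>\d+)/\d+\(match\): (?P<action>\w+) (?:in|out) on \S+: "
    r"\S+\.\d+ > \S+\.(?P<dport>\d+): (?P<flags>[SFPRWE.]+) "
)


def classify(flags):
    """Coarse class for the tcpdump flags field ('.' means no S/F/P/R flag set)."""
    if "R" in flags:
        return "rst"
    if "S" in flags:
        return "syn"
    if "F" in flags:
        return "fin"
    return "mid-stream"  # plain ACK or PSH data, no SYN


def tally(lines, port=25, action="block"):
    """Count matching lines per (rule number, flag class)."""
    counts = Counter()
    for line in lines:
        m = LINE.search(line)  # search() tolerates a leading timestamp
        if not m or m["action"] != action or int(m["dport"]) != port:
            continue
        counts[(int(m["rule"]), classify(m["flags"]))] += 1
    return counts


if __name__ == "__main__":
    for (rule, kind), n in sorted(tally(SAMPLE.splitlines()).items()):
        print(f"rule {rule}: {n:6d}  {kind}")
```

Both quoted lines fall in the "mid-stream" class: neither packet has SYN set.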