Im sorry I was trying to filter out sensitive data. We also have a rule for pass in quick on bge0 from 10.207.0.0/255.255.224 to any pass in quick on bge0 from 10.207.97.0/255.255.255.0 to any pass in quick on bge0 from 10.207.98.0/255.255.254.0 to any pass in quick on bge0 from 10.207.100.0/255.255.252.0 to any pass in quick on bge0 from 10.207.104.0/255.255.240.0 to any pass in quick on bge0 from 10.207.112.0/255.255.240.0 to any -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of David Lord Sent: Wednesday, June 27, 2007 5:57 PM To: [email protected] Subject: Re: what does this mean?
On 27 Jun 2007, at 18:00, David Lord wrote: > On 27 Jun 2007, at 12:38, Ross, Daniel wrote: > > > I have the following ipfilter rules: > > pass in quick on bge0 from 10.207.0.0/19 to any keep state > > block in log all > > > > yet I am seeing the following: > > 7/06/2007 12:36:25.343669 bge0 @0:9 b 10.207.109.92 -> 10.207.3.11 PR > > icmp len 20 576 icmp timxceed/reassem for 10.207.3.11,2049 - > > 10.207.109.92,786 PR 17 len 20 1500 IN > > > > What do I need to add to allow nfs? > > Your destination ip is outside range covered by 10.207.0.0/19. s/destination/source/ If I'm not mistaken 10.207.0.0/19 only allows up to 10.207.31.255 David
