On Thu, Feb 26, 2015 at 01:53:38PM -0500, D'Arcy J.M. Cain wrote:
> On Thu, 26 Feb 2015 18:25:49 +0100
> Otto Moerbeek <o...@drijf.net> wrote:
> > On Thu, Feb 26, 2015 at 12:11:34PM -0500, Ted Unangst wrote:
> > > Yes, that's how stateful firewalls work. Existing states don't
> > > evaluate the ruleset. You probably want to look into pfctl -k.
> >
> > The OP has a "no state" on the relevant rule. But no full ruleset has
> > been posted, so it's hard to tell what's going on exactly. Looking at
> > the state table with pfctl might help.
>
> What are you looking for specifically? I thought I posted all the
> relevant rules and outputs. In particular I showed that the problem IP
> was in the AUTOBLOCK table with "pfctl -tAUTOBLOCK -Ts".

Well, from what you describe it is likely there is a rule creating state. It could very well be that one of the rules you left out is the culprit. But if you do not have pfctl -k you are not running something close to current OpenBSD pf. So I'm afraid you have to diagnose things yourself, we can give only general directions.

-Otto
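
One way to do the state-table check suggested in this thread, as an added example that is not part of the original messages: cross-reference the table listing against the state listing to see which blocked addresses still hold states. The function names, the sample addresses and the assumed `pfctl -s state` line layout (IPv4, `addr:port`) are constructed for illustration.

```shell
#!/bin/sh
# Added example: list table addresses that still own entries in the pf state table.
# Packets matching a state skip ruleset evaluation, so a block rule on the table
# never sees them until the state expires or is removed (pfctl -k, where available).

# $1: file with the table listing  (live: pfctl -t AUTOBLOCK -T show)
# $2: file with the state listing  (live: pfctl -s state)
# Prints "address state_count", sorted. Assumes IPv4 "addr:port" and host entries only.
stale_states() {
    awk '
        FILENAME == ARGV[1] { if (NF) blocked[$1] = 1; next }
        {
            for (i = 3; i <= NF; i++) {
                addr = $i
                gsub(/[()]/, "", addr)       # NAT addresses appear in parentheses
                sub(/:[0-9]+$/, "", addr)    # drop the port
                if (addr in blocked) { hits[addr]++; break }
            }
        }
        END { for (a in hits) print a, hits[a] }
    ' "$1" "$2" | sort
}

# Constructed sample data (documentation address ranges), not output from the thread.
demo() {
    dir=$(mktemp -d) || return 1
    cat > "$dir/table" <<'EOF'
   203.0.113.5
   198.51.100.77
EOF
    cat > "$dir/states" <<'EOF'
all tcp 192.0.2.10:25 <- 203.0.113.5:51234       ESTABLISHED:ESTABLISHED
all tcp 192.0.2.10:25 <- 203.0.113.5:51302       ESTABLISHED:ESTABLISHED
all tcp 192.0.2.10:22 <- 192.0.2.200:40022       ESTABLISHED:ESTABLISHED
all udp 192.0.2.10:53 -> 198.51.100.9:53       MULTIPLE:SINGLE
EOF
    stale_states "$dir/table" "$dir/states"
    rm -rf "$dir"
}

demo
```

Any address this prints is in the table yet still has live states, which means some rule other than the "no state" one created them.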