On Thu, Feb 26, 2015 at 01:53:38PM -0500, D'Arcy J.M. Cain wrote:
> On Thu, 26 Feb 2015 18:25:49 +0100
> Otto Moerbeek <[email protected]> wrote:
> > On Thu, Feb 26, 2015 at 12:11:34PM -0500, Ted Unangst wrote:
> > > Yes, that's how stateful firewalls work. Existing states don't
> > > evaluate the ruleset. You probably want to look into pfctl -k.
> >
> > The OP has a "no state" on the relevant rule. But no full ruleset has
> > been posted, so it's hard to tell what's going on exactly. Looking at
> > the state table with pfctl might help.
>
> What are you looking for specifically? I thought I posted all the
> relevant rules and outputs. In particular I showed that the problem IP
> was in the AUTOBLOCK table with "pfctl -tAUTOBLOCK -Ts".

Well, from what you describe it is likely there is a rule creating
state. It could very well be that one of the rules you left out is the
culprit.

But if you do not have pfctl -k you are not running something close to
current OpenBSD pf. So I'm afraid you have to diagnose things yourself;
we can give only general directions.

-Otto
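
An added example, not part of the original thread: the state-table check suggested above, as a script that lists states whose endpoint is an address held in the block table, since those connections are passed without the ruleset being evaluated. The function names and the sample data are constructed; it assumes IPv4 host entries (no CIDR ranges) and the usual text output of `pfctl -t AUTOBLOCK -T show` and `pfctl -s states`.

```shell
#!/bin/sh
# Added example (not from the thread). Lists pf states that still involve an
# address held in a block table, i.e. traffic that never reaches the ruleset.

# states_for_blocked TABLE_FILE STATES_FILE
# Prints every state line that has an endpoint listed in TABLE_FILE.
states_for_blocked() {
    awk -v tbl="$1" '
        BEGIN {
            # Load the table: one address per line, usually indented.
            while ((getline line < tbl) > 0) {
                gsub(/[ \t]/, "", line)
                if (line != "") blocked[line] = 1
            }
            close(tbl)
        }
        {
            for (i = 1; i <= NF; i++) {
                ep = $i
                gsub(/[()]/, "", ep)        # NAT endpoints appear as (addr:port)
                # Exact match on the address part, so 203.0.113.9 does not
                # match 203.0.113.90 the way a plain substring search would.
                if (split(ep, part, ":") == 2 && (part[1] in blocked)) {
                    print
                    next
                }
            }
        }
    ' "$2"
}

# Constructed sample data using documentation addresses, not real output.
sample_run() {
    dir=$(mktemp -d) || return 1
    printf '   198.51.100.7\n   203.0.113.9\n' > "$dir/table"
    cat > "$dir/states" <<'EOF'
all tcp 192.0.2.10:25 <- 198.51.100.7:51234       ESTABLISHED:ESTABLISHED
all tcp 192.0.2.10:22 <- 192.0.2.77:40112       ESTABLISHED:ESTABLISHED
all udp 192.0.2.10:53 <- 203.0.113.90:5353       SINGLE:NO_TRAFFIC
all tcp 10.0.0.5:3345 (192.0.2.10:61000) -> 203.0.113.9:80       FIN_WAIT_2:FIN_WAIT_2
EOF
    states_for_blocked "$dir/table" "$dir/states"
    rm -rf "$dir"
}

sample_run
```

On a live system the two input files would be the saved output of `pfctl -t AUTOBLOCK -T show` and `pfctl -s states`. Any line the function prints is a state that keeps passing traffic for a blocked address until it expires or is removed.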