Thanks for your reply.
On 2 May 09 at 10:59, ropers wrote:
2009/5/1 dug <[email protected]>:
0>
1> #Allow SMTP, HTTPS
2> pass quick proto tcp from any to {<public-ip> <mail-server>} port 25
3> pass quick proto tcp from any to {<public-ip> <mail-server>} port 443
4> pass quick proto tcp from {<public-ip> <mail-server>} port 25 to any
5> pass quick proto tcp from {<public-ip> <mail-server>} port 25 to any
6> pass quick proto tcp from any port 25 to {<public-ip> <mail-server>}
7> pass quick proto tcp from {<public-ip> <mail-server>} to any port 25
Lines 4 and 5 are identical. Presumably you wanted to write port 443 in line 5?
OK. It's just a mistake from rewriting the rule in the mail.
In my pf.conf, it's set to port 443, not port 25.
block in on em0: mail-server.59902 > 81.255.99.202.25: [|tcp] (ttl 63, id 14511, len 40)
block in on em0: mail-server.59902 > 81.255.99.202.25: [|tcp] (ttl 63, id 40161, len 52)
Not sure what's going on here; line 7 should match these.
That's my problem and what I don't understand ....
In a perfect world, my rule must match these packets .... But currently it does not.
block in on em0: mail-server.25 > 81.28.185.240.1777: [|tcp] (ttl 63, id 4151, len 41)
Not sure what's going on there; line 4 (and, currently, 5) should match these.
Setting the rule "pass quick from any to any" at the beginning of my pf.conf file doesn't solve the problem.
I always get a block on these packets ....
Output of the pftop tool:
pfTop: Up Rule 1-55/71, View: rules, Cache: 10000
RULE ACTION DIR LOG Q IF PR K PKTS BYTES STATES MAX INFO
0 Pass Any Q K 560 69035 96 all flags S/SA
1 Block Any Log 44 1772 0 drop all
These are the options in the pf.conf file:
set block-policy drop
set skip on {gif0}
set loginterface $ext_if
set limit { states 100000, frags 50000 }
set optimization normal
set state-policy if-bound
scrub all no-df random-id fragment reassemble
Regards.
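As an added illustration, not code from this thread or from pf itself: a small stateless first-match model of the six quoted rules, fed the two blocked packets from the log, to show which rule the address/port match points at. The rule labels, the `explain` helper and the pflog regex are assumptions of mine; the model ignores interface, direction and state tracking.

```python
import re
from collections import namedtuple

# Constructed model of the six rules quoted in the thread, labelled with the
# line numbers ropers used; line 5 uses port 443 as dug says his real pf.conf does.
MAIL = frozenset({"public-ip", "mail-server"})   # the {<public-ip> <mail-server>} list
Rule = namedtuple("Rule", "label action src sport dst dport", defaults=(None,) * 4)
RULES = [                                          # None means "any"
    Rule(2, "pass", dst=MAIL, dport=25),
    Rule(3, "pass", dst=MAIL, dport=443),
    Rule(4, "pass", src=MAIL, sport=25),
    Rule(5, "pass", src=MAIL, sport=443),
    Rule(6, "pass", sport=25, dst=MAIL),
    Rule(7, "pass", src=MAIL, dport=25),
]
# Constructed copies of the two blocked packets quoted in the thread (pflog read with tcpdump).
SAMPLE_LOG = [
    "block in on em0: mail-server.59902 > 81.255.99.202.25: [|tcp] (ttl 63, id 14511, len 40)",
    "block in on em0: mail-server.25 > 81.28.185.240.1777: [|tcp] (ttl 63, id 4151, len 41)",
]
LOG_RE = re.compile(r"^(block|pass) (in|out) on (\S+): (.+)\.(\d+) > (.+)\.(\d+): ")

def parse_pflog(line):
    """Split one pflog line into the fields a filter rule can match on."""
    m = LOG_RE.match(line)
    if m is None:
        raise ValueError("unrecognised pflog line: %r" % line)
    action, direction, ifname, src, sport, dst, dport = m.groups()
    return {"logged": action, "dir": direction, "if": ifname,
            "src": src, "sport": int(sport), "dst": dst, "dport": int(dport)}

def matches(rule, pkt):
    """Address/port match only; interface, direction and state are ignored."""
    return ((rule.src is None or pkt["src"] in rule.src)
            and (rule.sport is None or pkt["sport"] == rule.sport)
            and (rule.dst is None or pkt["dst"] in rule.dst)
            and (rule.dport is None or pkt["dport"] == rule.dport))

def first_match(pkt, rules=RULES):
    """All quoted rules carry 'quick', so the first match wins. No match falls
    through to the default block (the thread's pf.conf sets block-policy drop)."""
    for rule in rules:
        if matches(rule, pkt):
            return rule.label, rule.action
    return None, "block"

def explain(lines=SAMPLE_LOG):
    """(rule label, action) the address/port match points at, per logged packet."""
    return [first_match(parse_pflog(line)) for line in lines]
```

Both packets match a pass rule on addresses and ports alone, so a block on them in the real log points at what this model leaves out: direction, the interface the packet arrived on, and state handling (the quoted pf.conf has `set state-policy if-bound`, and the loaded pass rule in the pftop output carries `flags S/SA`).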