On Wednesday 20 January 2010 23:21:35 Michael Lechtermann wrote:
> Am 20.01.2010 23:15, schrieb frantisek holop:
> > hmm, on Wed, Jan 20, 2010 at 04:58:32PM +0100, Michael Lechtermann said
> > that
> >
> >> it seems there is a bug in pfctl regarding the cleared time of a table
> >> entry. The attack actually happend this year, but the date shown is
> >> constantly changing:
> >
> > been like this forever...
> >
> > -pa-r-- bad-ssh
> > Addresses: 3
> > Cleared: Thu Jan 1 01:00:00 1970
> > References: [ Anchors: 0 Rules: 2
> > ] Evaluations: [ NoMatch: 0 Match: 0
> > ] In/Block: [ Packets: 0 Bytes: 0 ]
> > In/Pass: [ Packets: 0 Bytes: 0 ]
> > In/XPass: [ Packets: 0 Bytes: 0 ]
> > Out/Block: [ Packets: 0 Bytes: 0 ]
> > Out/Pass: [ Packets: 0 Bytes: 0 ]
> > Out/XPass: [ Packets: 0 Bytes: 0 ]
> >
> > i think i have sent a message about it ages ago but only to misc@
>
> For me, it is a new behavior. It still worked with OpenBSD snapshot from
> around 08/2009.
Hello,
I'm running latest current and I have the same issues now:
# pfctl -t tb1 -Ts -vvv
172.16.43.34
Cleared: Wed Dec 31 11:19:39 1969
172.16.43.35
Cleared: Wed Dec 31 11:19:39 1969
Actually this used to be displayed correctly 2 or 3 snapshots ago.
Is this a known bug?
Kind regards,
Didier
