Hi, I don't know if I'm hitting a bug or I'm missing something. I'm using 7.2 (ZEN), enabled passthrough and configured it like this:

[root@srvpf ~]# grep ^passt /usr/local/pf/conf/pf.conf
passthrough=enabled
passthroughs=*.facebook.com,*.fbcdn.net,*.akamaihd.net,portquiz.net:tcp:8080

Notice that the last one has a port defined. Unfortunetely the only ports opened are 80 and 443:

[root@srvpf ~]# ipset list pfsession_passthrough
Name: pfsession_passthrough
Type: hash:ip,port
Revision: 2
Header: family inet hashsize 1024 maxelem 65536
Size in memory: 16592
References: 2
Members:
178.33.250.62,tcp:80
178.33.250.62,tcp:443

Where 178.33.250.62 is the ip address of portquiz.net

This is a log snippet of pfdns in TRACE mode

Aug 8 17:04:15 srvpf pfdns: pfdns(3121) DEBUG: [mac:[undef]] pfdns: caught SIGTERM - terminating (main::normal_sighandler) Aug 8 17:04:15 srvpf pfdns: pfdns(3121) DEBUG: [mac:[undef]] pfdns: caught SIGTERM - terminating (main::normal_sighandler) Aug 8 17:04:15 srvpf pfdns: pfdns(3121) DEBUG: [mac:[undef]] pfdns: caught SIGTERM - terminating (main::normal_sighandler) Aug 8 17:04:15 srvpf pfdns: pfdns(3121) DEBUG: [mac:[undef]] pfdns: caught SIGTERM - terminating (main::normal_sighandler) Aug 8 17:04:15 srvpf pfdns: pfdns(3121) DEBUG: [mac:[undef]] pfdns: caught SIGTERM - terminating (main::normal_sighandler) Aug 8 17:04:15 srvpf pfdns: pfdns(3121) INFO: [mac:[undef]] stopping pfdns (main::END) Aug 8 17:04:23 srvpf pfdns: pfdns(4628) DEBUG: [mac:[undef]] invalid IP: from __ANON__ (pf::util::valid_ip) Aug 8 17:04:25 srvpf pfdns: pfdns(4628) TRACE: [mac:[undef]] Memory configuration is still valid for key resource::SwitchTypesConfigured in local cached_hash (pfconfig::cached::is_valid) Aug 8 17:04:25 srvpf pfdns: pfdns(4628) TRACE: [mac:[undef]] Memory configuration is still valid for key resource::SwitchTypesConfigured in local cached_hash (pfconfig::cached::is_valid) Aug 8 17:04:25 srvpf pfdns: pfdns(4628) TRACE: [mac:[undef]] Memory configuration is still valid for key resource::SwitchTypesConfigured in local cached_hash (pfconfig::cached::is_valid) Aug 8 17:04:25 srvpf pfdns: pfdns(4628) TRACE: [mac:[undef]] Memory configuration is still valid for key resource::SwitchTypesConfigured in local cached_hash (pfconfig::cached::is_valid) Aug 8 17:04:25 srvpf pfdns: pfdns(4628) TRACE: [mac:[undef]] Memory configuration is still valid for key resource::SwitchTypesConfigured in local cached_hash (pfconfig::cached::is_valid) Aug 8 17:04:25 srvpf pfdns: pfdns(4628) TRACE: [mac:[undef]] Memory configuration is still valid for key resource::SwitchTypesConfigured in local cached_hash (pfconfig::cached::is_valid) Aug 8 17:04:25 srvpf pfdns: pfdns(4628) TRACE: [mac:[undef]] Memory configuration is still valid for key resource::SwitchTypesConfigured in local cached_hash (pfconfig::cached::is_valid) Aug 8 17:04:25 srvpf pfdns: pfdns(4628) TRACE: [mac:[undef]] Memory configuration is still valid for key resource::SwitchTypesConfigured in local cached_hash (pfconfig::cached::is_valid) Aug 8 17:04:25 srvpf pfdns: pfdns(4628) TRACE: [mac:[undef]] Memory configuration is still valid for key resource::SwitchTypesConfigured in local cached_hash (pfconfig::cached::is_valid) Aug 8 17:04:25 srvpf pfdns: pfdns(4628) TRACE: [mac:[undef]] Memory configuration is still valid for key resource::SwitchTypesConfigured in local cached_hash (pfconfig::cached::is_valid) Aug 8 17:04:25 srvpf pfdns: pfdns(4628) TRACE: [mac:[undef]] Memory configuration is still valid for key resource::SwitchTypesConfigured in local cached_hash (pfconfig::cached::is_valid) Aug 8 17:04:25 srvpf pfdns: pfdns(4628) TRACE: [mac:[undef]] Memory configuration is still valid for key resource::SwitchTypesConfigured in local cached_hash (pfconfig::cached::is_valid) Aug 8 17:04:25 srvpf pfdns: pfdns(4628) TRACE: [mac:[undef]] Memory configuration is still valid for key resource::SwitchTypesConfigured in local cached_hash (pfconfig::cached::is_valid) Aug 8 17:04:25 srvpf pfdns: pfdns(4628) TRACE: [mac:[undef]] Memory configuration is still valid for key resource::SwitchTypesConfigured in local cached_hash (pfconfig::cached::is_valid) Aug 8 17:04:25 srvpf pfdns: pfdns(4628) TRACE: [mac:[undef]] Memory configuration is still valid for key resource::SwitchTypesConfigured in local cached_hash (pfconfig::cached::is_valid) Aug 8 17:04:25 srvpf pfdns: pfdns(4628) TRACE: [mac:[undef]] Memory configuration is still valid for key resource::SwitchTypesConfigured in local cached_hash (pfconfig::cached::is_valid) Aug 8 17:04:25 srvpf pfdns: pfdns(4628) DEBUG: [mac:[undef]] cache get for namespace='configfiles', key='/usr/local/pf/conf/pf.conf', cache='Redis:l1_cache', time='0ms': MISS (not in cache) (CHI::Driver::_log_get_result) Aug 8 17:04:25 srvpf pfdns: pfdns(4628) DEBUG: [mac:[undef]] cache get for namespace='Default', key='HASH(0x3e4b210)', cache='RawMemory', time='0ms': MISS (not in cache) (CHI::Driver::_log_get_result) Aug 8 17:04:25 srvpf pfdns: pfdns(4628) DEBUG: [mac:[undef]] cache set for namespace='Default', key='{"encoding":null,"reconnect":"60","server":"127.0.0.1:6379"}', size=1, expires='never', cache='RawMemory', time='0ms' (CHI::Driver::_log_set_result) Aug 8 17:04:25 srvpf pfdns: pfdns(4628) DEBUG: [mac:[undef]] cache get for namespace='configfiles', key='/usr/local/pf/conf/pf.conf', cache='Redis', time='3ms': HIT (CHI::Driver::_log_get_result) Aug 8 17:04:25 srvpf pfdns: pfdns(4628) DEBUG: [mac:[undef]] cache set for namespace='configfiles', key='/usr/local/pf/conf/pf.conf', size=1, expires='never', cache='Redis:l1_cache', time='0ms' (CHI::Driver::_log_set_result) Aug 8 17:04:25 srvpf pfdns: pfdns(4628) TRACE: [mac:[undef]] Memory configuration is still valid for key config::Pf in local cached_hash (pfconfig::cached::is_valid) Aug 8 17:04:25 srvpf pfdns: pfdns(4628) TRACE: [mac:[undef]] Memory configuration is still valid for key config::Pf in local cached_hash (pfconfig::cached::is_valid) Aug 8 17:04:25 srvpf pfdns: pfdns(4628) TRACE: [mac:[undef]] Memory configuration is still valid for key config::Pf in local cached_hash (pfconfig::cached::is_valid) Aug 8 17:04:25 srvpf pfdns: pfdns(4628) TRACE: [mac:[undef]] Memory configuration is still valid for key config::Pf in local cached_hash (pfconfig::cached::is_valid) Aug 8 17:04:25 srvpf pfdns: pfdns(4628) TRACE: [mac:[undef]] Memory configuration is still valid for key config::Pf in local cached_hash (pfconfig::cached::is_valid) Aug 8 17:04:25 srvpf pfdns: pfdns(4628) TRACE: [mac:[undef]] Memory configuration is still valid for key config::Pf in local cached_hash (pfconfig::cached::is_valid) Aug 8 17:04:25 srvpf pfdns: pfdns(4628) TRACE: [mac:[undef]] Memory configuration is still valid for key config::Pf in local cached_hash (pfconfig::cached::is_valid) Aug 8 17:04:25 srvpf pfdns: pfdns(4628) TRACE: [mac:[undef]] Memory configuration is still valid for key config::Pf in local cached_hash (pfconfig::cached::is_valid) Aug 8 17:04:25 srvpf pfdns: pfdns(4628) TRACE: [mac:[undef]] Memory configuration is still valid for key config::Pf in local cached_hash (pfconfig::cached::is_valid) Aug 8 17:04:25 srvpf pfdns: pfdns(4628) TRACE: [mac:[undef]] Memory configuration is still valid for key config::Pf in local cached_hash (pfconfig::cached::is_valid) Aug 8 17:04:25 srvpf pfdns: pfdns(4628) TRACE: [mac:[undef]] Memory configuration is still valid for key config::Pf in local cached_hash (pfconfig::cached::is_valid) Aug 8 17:04:25 srvpf pfdns: pfdns(4628) TRACE: [mac:[undef]] Memory configuration is still valid for key config::Pf in local cached_hash (pfconfig::cached::is_valid) Aug 8 17:04:25 srvpf pfdns: pfdns(4628) TRACE: [mac:[undef]] Memory configuration is still valid for key config::Network in local cached_hash (pfconfig::cached::is_valid) Aug 8 17:04:25 srvpf pfdns: pfdns(4628) TRACE: [mac:[undef]] Memory configuration is still valid for key config::Network in local cached_hash (pfconfig::cached::is_valid) Aug 8 17:04:25 srvpf pfdns: pfdns(4628) TRACE: [mac:[undef]] Memory configuration is still valid for key config::Network in local cached_hash (pfconfig::cached::is_valid) Aug 8 17:04:25 srvpf pfdns: pfdns(4628) TRACE: [mac:[undef]] Memory configuration is still valid for key config::Network in local cached_hash (pfconfig::cached::is_valid) Aug 8 17:04:25 srvpf pfdns: pfdns(4628) TRACE: [mac:[undef]] Memory configuration is still valid for key config::Network in local cached_hash (pfconfig::cached::is_valid) Aug 8 17:04:25 srvpf pfdns: pfdns(4628) TRACE: [mac:[undef]] Memory configuration is still valid for key config::Network in local cached_hash (pfconfig::cached::is_valid) Aug 8 17:04:25 srvpf pfdns: pfdns(4628) TRACE: [mac:[undef]] Memory configuration is still valid for key config::Network in local cached_hash (pfconfig::cached::is_valid) Aug 8 17:04:26 srvpf pfdns: pfdns(4628) TRACE: [mac:[undef]] Process pfdns - 1 handling request for IP : 192.168.112.10 (main::response_handler) Aug 8 17:04:26 srvpf pfdns: pfdns(4628) DEBUG: [mac:[undef]] instantiating new pf::access_filter::dns (pf::access_filter::new) Aug 8 17:04:26 srvpf pfdns: pfdns(4628) TRACE: [mac:[undef]] Requested Domain: clients4.google.com (main::regzone) Aug 8 17:04:26 srvpf pfdns: pfdns(4628) TRACE: [mac:[undef]] Memory configuration is still valid for key resource::passthroughs in local cached_hash (pfconfig::cached::is_valid) Aug 8 17:04:26 srvpf pfdns: pfdns(4628) DEBUG: [mac:[undef]] instantiating new pf::access_filter::dns (pf::access_filter::new) Aug 8 17:04:26 srvpf pfdns: pfdns(4628) TRACE: [mac:[undef]] Memory configuration is still valid for key config::Pf in local cached_hash (pfconfig::cached::is_valid) Aug 8 17:04:26 srvpf pfdns: pfdns(4628) TRACE: [mac:[undef]] Memory configuration is still valid for key config::Pf in local cached_hash (pfconfig::cached::is_valid) Aug 8 17:04:26 srvpf pfdns: pfdns(4628) TRACE: [mac:[undef]] Memory configuration is still valid for key config::Pf in local cached_hash (pfconfig::cached::is_valid)
<CUT>
Aug 8 17:04:38 srvpf pfdns: pfdns(4628) TRACE: [mac:[undef]] Process pfdns - 3 handling request for IP : 192.168.112.10 (main::response_handler) Aug 8 17:04:38 srvpf pfdns: pfdns(4628) DEBUG: [mac:[undef]] instantiating new pf::access_filter::dns (pf::access_filter::new) Aug 8 17:04:38 srvpf pfdns: pfdns(4628) TRACE: [mac:[undef]] Requested Domain: portquiz.net (main::regzone) Aug 8 17:04:38 srvpf pfdns: pfdns(4628) DEBUG: [mac:[undef]] cache get for namespace='Default', key='HASH(0x3e4b210)', cache='RawMemory', time='0ms': MISS (not in cache) (CHI::Driver::_log_get_result) Aug 8 17:04:38 srvpf pfdns: pfdns(4628) DEBUG: [mac:[undef]] cache set for namespace='Default', key='{"encoding":null,"reconnect":"60","server":"127.0.0.1:6379"}', size=1, expires='never', cache='RawMemory', time='0ms' (CHI::Driver::_log_set_result) Aug 8 17:04:38 srvpf pfdns: pfdns(4628) DEBUG: [mac:[undef]] cache get for namespace='pfdns', key='resolve-A-portquiz.net', cache='Redis', time='2ms': MISS (not in cache) (CHI::Driver::_log_get_result) Aug 8 17:04:38 srvpf pfdns: pfdns(4628) DEBUG: [mac:[undef]] cache set for namespace='pfdns', key='resolve-A-portquiz.net', size=60, expires='10m', cache='Redis', time='0ms' (CHI::Driver::_log_set_result) Aug 8 17:04:38 srvpf pfdns: pfdns(4628) TRACE: [mac:[undef]] ipset process pid : 4642 (pf::ipset_cache::_add_pairs_to_ipset) Aug 8 17:04:38 srvpf pfdns: pfdns(4628) DEBUG: [mac:[undef]] cache set for namespace='pfsession_passthrough', key='178.33.250.62,tcp:80', size=1, expires='never', cache='RawMemory', time='0ms' (CHI::Driver::_log_set_result) Aug 8 17:04:38 srvpf pfdns: pfdns(4628) DEBUG: [mac:[undef]] cache set for namespace='pfsession_passthrough', key='178.33.250.62,tcp:443', size=1, expires='never', cache='RawMemory', time='0ms' (CHI::Driver::_log_set_result) Aug 8 17:04:38 srvpf pfdns: pfdns(4628) TRACE: [mac:[undef]] Response : $VAR1 = [
          'NOERROR',
          [
            bless( {
                     'owner' => bless( {
                                         'origin' => bless( {
'label' => [
'portquiz',
'net'
]
}, 'Net::DNS::DomainName' ),
                                         'label' => []
                                       }, 'Net::DNS::DomainName1035' ),
                     'rdlength' => 4,
                     'ttl' => 600,
                     'address' => '▒!▒>',
                     'class' => 1,
                     'type' => 1
                   }, 'Net::DNS::RR::A' )
          ],
          [],
          [],
          {
            'aa' => 1
          }
        ];
 (main::regzone)

--
Mammoli Cristian
System administrator
T. +39 0731 22911
Via Brodolini 6 | 60035 Jesi (an)


------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
PacketFence-users mailing list
PacketFence-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/packetfence-users

Reply via email to