Why, if I'm blocking a type of connection, do I see the blocked traffic hitting an interface which should be blocked?
# tcpdump -i pflog0 -n -e -ttt
Sep 09 07:21:43.839968 rule 288/0(match): block in on xl0: 139.142.113.124.4252 > XXX.XXX.XXX.XXX.135: S 1869485513:1869485513(0) win 8760 <mss 1460,nop,nop,sackOK> (DF)
# tcpdump -i xl0 dst XXX.XXX.XXX.XXX
07:21:50.453699 139.142.113.124.4252 > hXXX-XXX-XXX-XXX.isp.net.epmap: S 1869485513:1869485513(0) win 8760 <mss 1460,nop,nop,sackOK> (DF)
I know I haven't included my rule sets, but they're pretty straightforward: I block by default, then selectively allow certain services in and out.
