On Wed, Oct 06, 2004 at 09:53:54PM +0200, i.t Consulting wrote: > I didn't expect postfix to get a spam message from 220.87.30.15 since pf > should already block port 25: > > # pfctl -vvsr > @16 block drop in log quick on rl0 proto tcp from <bloecke.port25:*> to any > port = smtp > [ Evaluations: 13 Packets: 0 Bytes: 0 States: > 0 ] > > the file bloecke.port25 contains the line: > 220.87.30.0/24 > > since I'm not a routing expert I just wondered what happened (?)
$ pfctl -t bloecke.port25 -vvTt 220.87.30.15 will tell you whether 220.87.30.15 matches any entries in table bloecke.port25. $ pfctl -t bloecke.port25 -vvTs lists all entries in table bloecke.port25. If there is no entry 220.87.30.0/24, you may not be loading the table correctly, or you've been clearing the table unintentionally, etc. Daniel
