Hi list, We had an ICMP flood against one of our servers this weekend and I noticed something strange. Whenever I ran '/sbin/pfctl -Fr -f /etc/pf.conf' ICMP packets started to slip through for a second and a couple of states related to those ICMP packets were created. The only time ICMP packets got through the firewall was when I reloaded the ruleset. The box in question is running OpenBSD 4.1-STABLE and the ruleset in question is using a "default deny" policy. Is that expected behaviour ?
--
Med venlig hilsen / Best Regards

Henrik Johansen
[EMAIL PROTECTED]

Reply via email to