On 13 Jan 2003, Jason Dixon wrote:
> I'm trying to interpret a block rule that is showing in my
> pflogd/tcpdump output. The firewall is a bridge that is currently
> blocking all igmp, as well as 224.0.0.0/3 traffic (amongst other
> things). However, neither of these should log. What's particul
On Tue, Jan 14, 2003 at 10:20:19AM +0100, Dries Schellekens wrote:
> > Jan 13 17:50:02 cortez pf: Jan 13 17:40:43.230184 rule -1/3(short):
> > block in on rl1: 66.92.xxx.xxx > 238.7.6.6: igmp nreport 238.7.6.6 [ttl
> > 1]
>
> These igmp packets have ip options. By default PF blocks ip options. Yo
On Tue, 2003-01-14 at 04:28, Daniel Hartmeier wrote:
> On Tue, Jan 14, 2003 at 10:20:19AM +0100, Dries Schellekens wrote:
>
> > > Jan 13 17:50:02 cortez pf: Jan 13 17:40:43.230184 rule -1/3(short):
> > > block in on rl1: 66.92.xxx.xxx > 238.7.6.6: igmp nreport 238.7.6.6 [ttl
> > > 1]
> >
> > Thes
a HUP to init only works for /etc/ttys file (see init(8).
For pflogd you dont need a reboot. Just kill and restart it manually using
whatever options you have in /etc/rc.conf. pflogd will (correctly)
resume logging to the same log file even if options such as snaplen change.
you might miss a coupl
On Mon, Jan 13, 2003 at 06:40:39PM -0500, Michael Shalayeff wrote:
> the main problem is that all of the MX hosts for the
> domain(s) covered by the mail server running spamd
> have to filter the same list of ip addresses.
> otherwise they just remail it to the lower priority
> MX when it fails w/
Greets All:
I know this is really lame and has probably been been addressed time and
time again, but I have not been able to google a good
discussion/example of how to configure pf for incoming ftp and am under
the gun to get it done.
configuration is 3 legged routing firewall. ext_if is al