Re: afp+pf
I'm tring to send the packages throught he firewall, at least I think that Apple Finder tries to do this, the only packages I see while tcpdump-ing the pflog are those line I posted above. From: Michael K. Smith - Adhost mksm...@adhost.com To: Dánielisz László laszlo_daniel...@yahoo.com; freebsd-questions@freebsd.org Sent: Wed, December 23, 2009 7:35:00 PM Subject: RE: afp+pf Hello Danielisz: I'm sending you my pflog captured whiled I try to connect, maybe somebody will figure out something: # tcpdump -i rl0 -n port 548 tcpdump: verbose output suppressed, use -v or -vv for full protocol decode listening on rl0, link-type EN10MB (Ethernet), capture size 96 bytes 19:01:31.353245 IP 192.168.1.101.63912 192.168.1.1.548: Flags [S], seq 721406618, win 65535, options [mss 1460,nop,wscale 3,nop,nop,TS val 206874734 ecr 0,sackOK,eol], length 0 19:01:35.358575 IP 192.168.1.101.63912 192.168.1.1.548: Flags [S], seq 721406618, win 65535, options [mss 1460,sackOK,eol], length 0 Is your firewall acting as an Appletalk router? I guess I'm not understanding why you are sending AFP to the firewall and not through the firewall from host to host. When you log your block statement and tcpdump the pflog0 interface, are you seeing the blocks? Regards, Mike ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: afp+pf
I just tried with flags any but still not working.
From: Dánielisz László laszlo_daniel...@yahoo.com
To: freebsd-questions@freebsd.org
Sent: Wed, December 23, 2009 5:01:41 PM
Subject: afp+pf
Hello,
It's been a while I struggeling how to deal with apf/netatalk passing trough my
pf rules. If I disable pf everything is working great (but I still do want
firewall on my server). I tried the following rule but it still don't lets me
in:
pass in log on $int_if inet proto { tcp, udp } from $localnet to ($int_if)
port=548 flags S/SA keep state
When I try a telnet on port 548 I got Operation timed out, in pflog I can see
that my Mac tries to connect but I have no clue why it can't when the
coresponding port is open, do you have any idea?
Thank you!
Laci
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: afp+pf
I'm sending you my pflog captured whiled I try to connect, maybe somebody will
figure out something:
# tcpdump -i rl0 -n port 548
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on rl0, link-type EN10MB (Ethernet), capture size 96 bytes
19:01:31.353245 IP 192.168.1.101.63912 192.168.1.1.548: Flags [S], seq
721406618, win 65535, options [mss 1460,nop,wscale 3,nop,nop,TS val 206874734
ecr 0,sackOK,eol], length 0
19:01:35.358575 IP 192.168.1.101.63912 192.168.1.1.548: Flags [S], seq
721406618, win 65535, options [mss 1460,sackOK,eol], length 0
From: Dánielisz László laszlo_daniel...@yahoo.com
To: freebsd-questions@freebsd.org
Sent: Wed, December 23, 2009 6:35:02 PM
Subject: Re: afp+pf
I just tried with flags any but still not working.
From: Dánielisz László laszlo_daniel...@yahoo.com
To: freebsd-questions@freebsd.org
Sent: Wed, December 23, 2009 5:01:41 PM
Subject: afp+pf
Hello,
It's been a while I struggeling how to deal with apf/netatalk passing trough my
pf rules. If I disable pf everything is working great (but I still do want
firewall on my server). I tried the following rule but it still don't lets me
in:
pass in log on $int_if inet proto { tcp, udp } from $localnet to ($int_if)
port=548 flags S/SA keep state
When I try a telnet on port 548 I got Operation timed out, in pflog I can see
that my Mac tries to connect but I have no clue why it can't when the
coresponding port is open, do you have any idea?
Thank you!
Laci
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
RE: afp+pf
Hello Danielisz: I'm sending you my pflog captured whiled I try to connect, maybe somebody will figure out something: # tcpdump -i rl0 -n port 548 tcpdump: verbose output suppressed, use -v or -vv for full protocol decode listening on rl0, link-type EN10MB (Ethernet), capture size 96 bytes 19:01:31.353245 IP 192.168.1.101.63912 192.168.1.1.548: Flags [S], seq 721406618, win 65535, options [mss 1460,nop,wscale 3,nop,nop,TS val 206874734 ecr 0,sackOK,eol], length 0 19:01:35.358575 IP 192.168.1.101.63912 192.168.1.1.548: Flags [S], seq 721406618, win 65535, options [mss 1460,sackOK,eol], length 0 Is your firewall acting as an Appletalk router? I guess I'm not understanding why you are sending AFP to the firewall and not through the firewall from host to host. When you log your block statement and tcpdump the pflog0 interface, are you seeing the blocks? Regards, Mike ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
