On Sun, 11 Dec 2011 22:57:12 -0500
Jim Seymour jseym...@linxnet.com wrote:
On Sun, 11 Dec 2011 20:03:59 -0500 (EST)
Wietse Venema wie...@porcupine.org wrote:
Wietse Venema:
bge1 @0:24 b my_outside_ip,25 - 89.73.201.168,36545 PR
tcp len 20 40 -AR OUT
Why are you blocking
James Seymour:
-AR means the ACK and RST flags are set.
My question is why is your firewall blocking outbound ACK|RST?
I'm using basically canned rulesets in my ipfilter setup. That is
the default deny at the end of bge1's output filters.
I must've
On Mon, 12 Dec 2011 08:24:38 -0500 (EST)
Wietse Venema wie...@porcupine.org wrote:
[snip]
There are two stateful engines: the TCP stack and ipfilter.
*nodding*
With keep state, ipfilter remembers the connection and lets
packets pass, up to the point that ipfilter believes the connection
James Seymour:
The TCP stack sends an outbound ACK|RST because it received
*something* on port 25. Your firewall should not have passed that.
Should not have passed it *incoming*, do you mean?
Indeed (assuming that ipfilter actually tracks state in the exact
same way as the TCP stack,
On Mon, 12 Dec 2011 09:11:26 -0500 (EST)
Wietse Venema wie...@porcupine.org wrote:
James Seymour:
The TCP stack sends an outbound ACK|RST because it received
*something* on port 25. Your firewall should not have passed that.
Should not have passed it *incoming*, do you mean?
Indeed
Hi All,
This may be a weird one, and may be completely OT. If the latter:
Feel free to tell me to bugger off :)
System is FreeBSD 8.2, running ipfilter and
postfix-current-2.9.2019,4.
Occasionally I see something like this from ipfilter in
/var/log/messages:
bge1 @0:24 b
On 12.12.2011 00:10, Jim Seymour wrote:
Occasionally I see something like this from ipfilter in
/var/log/messages:
bge1 @0:24 b my_outside_ip,25 - 89.73.201.168,36545 PR tcp len
20 40 -AR OUT
Looking in /var/log/maillog...
Dec 11 17:47:08 myhost
Jim Seymour:
Hi All,
This may be a weird one, and may be completely OT. If the latter:
Feel free to tell me to bugger off :)
System is FreeBSD 8.2, running ipfilter and
postfix-current-2.9.2019,4.
Occasionally I see something like this from ipfilter in
/var/log/messages:
On Sun, 2011-12-11 at 18:10:34 -0500, Jim Seymour wrote:
Looking in /var/log/maillog...
Dec 11 17:47:08 myhost postfix/smtpd[48290]: connect from
unknown[89.73.201.168]
Dec 11 17:47:10 myhost postfix/smtpd[48290]: NOQUEUE: reject:
RCPT from unknown[89.73.201.168]: 450
On Mon, 12 Dec 2011 00:14:08 +0100
Reindl Harald h.rei...@thelounge.net wrote:
[snip]
why do you use reject_unknown_reverse_client_hostname if you do
not like the results of it?
Why do you answer the question when you obviously have not read it?
(Or at least apparently not understood it.)
On 12.12.2011 01:04, Jim Seymour wrote:
On Mon, 12 Dec 2011 00:14:08 +0100
Reindl Harald h.rei...@thelounge.net wrote:
[snip]
why do you use reject_unknown_reverse_client_hostname if you do
not like the results of it?
Why do you answer the question when you obviously have not read it?
On Sun, 11 Dec 2011 18:35:23 -0500 (EST)
Wietse Venema wie...@porcupine.org wrote:
[snip]
Why are you blocking outbound TCP RST?
I am not, to the best of my knowledge.
There is a TCP control traffic rate limit in the border router, there
as a DoS prevention tactic, but that's it.
This
On Mon, 12 Dec 2011 01:11:00 +0100
Reindl Harald h.rei...@thelounge.net wrote:
On 12.12.2011 01:04, Jim Seymour wrote:
On Mon, 12 Dec 2011 00:14:08 +0100
Reindl Harald h.rei...@thelounge.net wrote:
[snip]
why do you use reject_unknown_reverse_client_hostname if you do
not like
On Sun, 11 Dec 2011 19:15:35 -0500
Jim Seymour jseym...@linxnet.com wrote:
Each of them occurs two-or-more
times, involving the same contacting IP.
Clarification: That was to say that, when it occurs multiple times
in a row, it's the same IP trying over-and-over again in each set of
retries. A
On Sun, 11 Dec 2011 20:03:59 -0500 (EST)
Wietse Venema wie...@porcupine.org wrote:
Wietse Venema:
bge1 @0:24 b my_outside_ip,25 - 89.73.201.168,36545 PR
tcp len 20 40 -AR OUT
Why are you blocking outbound TCP RST?
According to ipmon(8),
The web is rotting my brain. I never