From: kalin m
Date: Fri, 22 Jan 2010 02:50:58 -0500
To: freebsd-security@freebsd.org
Subject: pf rules

hi all...

doing testing with pf... how is it possible that if i have these rules below in pf.conf if i do:

telnet that.host.org 25

i get:

Trying xx.xx.xx.xx...
Connected to that.host.org.
Escape character is '^]'.
........... etc .......

pf.conf contents:

tcp_in = "{ www, https }"
ftp_in = "{ ftp }"
udp = "{ domain, ntp }"
ping = "echoreq"

set skip on lo
scrub in
antispoof for eth0 inet
block in all
pass out all keep state
pass proto udp to any port $udp
pass inet proto icmp all icmp-type $ping keep state
pass in inet proto tcp to any port $tcp_in flags S/SAF synproxy state
pass proto tcp to any port ssh

thanks....
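
The ruleset above, walked through pf's last-match evaluation, as an added example that is not part of the original post. It is a simplified Python model, not pf's parser; RULES, MACROS and evaluate() are hypothetical names, and only the direction, protocol and destination-port fields of the posted rules are modelled. Under that model, inbound TCP to port 25 matches only "block in all".

```python
# Simplified model of pf filter-rule evaluation for the posted ruleset.
# Assumptions: last matching rule wins (no rule here uses "quick"); only
# direction, protocol and destination port are modelled. State tracking,
# scrub, antispoof and "set skip on lo" are not.
PORTS = {"ftp": 21, "ssh": 22, "domain": 53, "www": 80, "ntp": 123, "https": 443}

MACROS = {
    "tcp_in": {"www", "https"},
    "ftp_in": {"ftp"},            # defined in the post, referenced by no rule
    "udp": {"domain", "ntp"},
}

# (action, direction, proto, destination ports); None means "any".
RULES = [
    ("block", "in", None, None),               # block in all
    ("pass", "out", None, None),               # pass out all keep state
    ("pass", None, "udp", MACROS["udp"]),      # pass proto udp to any port $udp
    ("pass", None, "icmp", None),              # pass inet proto icmp ... (type not modelled)
    ("pass", "in", "tcp", MACROS["tcp_in"]),   # pass in inet proto tcp ... port $tcp_in
    ("pass", None, "tcp", {"ssh"}),            # pass proto tcp to any port ssh
]


def evaluate(direction, proto, dport=None):
    """Return (action, index of deciding rule); pf passes when nothing matches."""
    verdict = ("pass", None)
    for index, (action, r_dir, r_proto, r_ports) in enumerate(RULES):
        if r_dir is not None and r_dir != direction:
            continue
        if r_proto is not None and r_proto != proto:
            continue
        if r_ports is not None and dport not in {PORTS[p] for p in r_ports}:
            continue
        verdict = (action, index)   # keep going: a later match overrides
    return verdict


if __name__ == "__main__":
    # Constructed test packets: (direction, protocol, destination port).
    for label, args in [("in tcp/25", ("in", "tcp", 25)),
                        ("in tcp/80", ("in", "tcp", 80)),
                        ("in tcp/22", ("in", "tcp", 22)),
                        ("in tcp/21", ("in", "tcp", 21)),
                        ("in udp/53", ("in", "udp", 53))]:
        print(label, evaluate(*args))
```

The model only covers the rule text; whether pf is enabled and whether this file is the ruleset actually loaded can be read on the host with "pfctl -s info" and "pfctl -s rules".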