Date: Thu, 16 Sep 2004 03:47:20 -0000
From: Alan Bryan <alan@precisionautobody.com>
To: pf4freebsd@freelists.org, "Max Laier" <max@love2party.net>
Subject: [pf4freebsd] Re: Bridging?
Message-ID: <200308271625.05235.alan@precisionautobody.com>
In-Reply-To: <01a901c36cee$09bd6810$01000001@max900>
References: <200308262103.12394.alan@precisionautobody.com> <200308262247.46254.alan@precisionautobody.com> <01a901c36cee$09bd6810$01000001@max900>
On Wednesday 27 August 2003 03:53 pm, Max Laier wrote:
> That's strange. Can you send output of "pfctl -gvvsa" after some traffic.
> Maybe with this ruleset:
>
> block in log
> block out log
>

<<<< Done. See way down below (also attached in case formatting is weird). I sent traffic in both directions: a port scan in one direction and a machine browsing the web in the other. About 5 minutes of traffic.

> If you have time to test a bit, I'd like to send you some debugging code to
> run, as I don't have a bridge setup at hand for testing.

OK - send away. Anything I can do to help. I have tons of time and really need to get this working ASAP.

Another strange tidbit of info - I needed to get the results of "pfctl -gvvsa" onto my other machine to type up this email, so I enabled the default route, gave one card an IP in rc.conf and rebooted. When it came back up I couldn't ssh to the box (as expected) because the block rules were still there. So pf seems to work once I've bound an IP address to a NIC but ignores the bridge???
Thanks for the help,
Alan

@0 block drop in log all
  [ Skip steps: i=end f=end p=end sa=end sp=end da=end dp=end ]
  [ queue: qname= qid=0 pqname= pqid=0 ]
  [ Evaluations: 50        Packets: 50        Bytes: 6853        States: 0     ]
@1 block drop out log all
  [ Skip steps: i=end d=end f=end p=end sa=end sp=end da=end dp=end ]
  [ queue: qname= qid=0 pqname= pqid=0 ]
  [ Evaluations: 50        Packets: 0         Bytes: 0           States: 0     ]
Status: Enabled for 0 days 00:06:53           Debug: None

State Table                          Total             Rate
  current entries                        0
  searches                              50            0.1/s
  inserts                                0            0.0/s
  removals                               0            0.0/s
Counters
  match                                 50            0.1/s
  bad-offset                             0            0.0/s
  fragment                               0            0.0/s
  short                                  0            0.0/s
  normalize                              0            0.0/s
  memory                                 0            0.0/s

tcp.first                   120s
tcp.opening                  30s
tcp.established           86400s
tcp.closing                 900s
tcp.finwait                  45s
tcp.closed                   90s
udp.first                    60s
udp.single                   30s
udp.multiple                 60s
icmp.first                   20s
icmp.error                   10s
other.first                  60s
other.single                 30s
other.multiple               60s
frag                         30s
interval                     10s
states        hard limit    10000
frags         hard limit     5000
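The per-rule counters in the `pfctl -gvvsa` output above are the evidence worth reading mechanically: a rule with Evaluations > 0 and Packets > 0 was applied to real traffic, one with Evaluations > 0 and Packets = 0 was checked but never matched, and a rule with zero evaluations was never consulted at all (on this page, @0 `block drop in` matched all 50 packets and @1 `block drop out` matched none, which is what a catch-all inbound block produces, since nothing survives to the outbound pass). The following Python parser and classifier is an added example, not code from the thread or from pf; the sample text is the rule block from the message re-typed as a constructed string, and the labels `matching`, `no-match` and `never-evaluated` are names chosen here, not pf terminology.

```python
import re

# Constructed sample: the `pfctl -gvvsa` rule block from the message above,
# re-typed here so the example runs offline without a pf host.
SAMPLE_PFCTL = """\
@0 block drop in log all
  [ Skip steps: i=end f=end p=end sa=end sp=end da=end dp=end ]
  [ queue: qname= qid=0 pqname= pqid=0 ]
  [ Evaluations: 50        Packets: 50        Bytes: 6853        States: 0     ]
@1 block drop out log all
  [ Skip steps: i=end d=end f=end p=end sa=end sp=end da=end dp=end ]
  [ queue: qname= qid=0 pqname= pqid=0 ]
  [ Evaluations: 50        Packets: 0         Bytes: 0           States: 0     ]
Status: Enabled for 0 days 00:06:53           Debug: None
"""

# A rule line starts with "@<index>" followed by the rule text.
RULE_RE = re.compile(r"^@(\d+)\s+(\S.*)$")
# The counter line pf prints under each rule in -vv mode.
COUNTER_RE = re.compile(
    r"\[\s*Evaluations:\s*(\d+)\s+Packets:\s*(\d+)\s+Bytes:\s*(\d+)\s+States:\s*(\d+)\s*\]"
)


def parse_rules(text):
    """Return one dict per rule: its index, rule text and the four counters."""
    rules = []
    current = None
    for line in text.splitlines():
        m = RULE_RE.match(line)
        if m:
            current = {"index": int(m.group(1)), "rule": m.group(2).strip()}
            rules.append(current)
            continue
        m = COUNTER_RE.search(line)
        if m and current is not None:
            evals, pkts, nbytes, states = (int(g) for g in m.groups())
            current.update(evaluations=evals, packets=pkts, bytes=nbytes, states=states)
    return rules


def diagnose(rules):
    """Classify every rule from its counters (labels are this example's own).

    matching        - evaluated and matched packets: pf applied the rule to traffic
    no-match        - evaluated against packets but none matched
    never-evaluated - pf never ran this rule against any packet
    """
    verdicts = {}
    for r in rules:
        if r.get("packets", 0) > 0:
            verdicts[r["index"]] = "matching"
        elif r.get("evaluations", 0) > 0:
            verdicts[r["index"]] = "no-match"
        else:
            verdicts[r["index"]] = "never-evaluated"
    return verdicts


def filter_is_active(rules):
    """True if at least one rule matched a packet, i.e. pf is on the data path."""
    return any(r.get("packets", 0) > 0 for r in rules)


if __name__ == "__main__":
    parsed = parse_rules(SAMPLE_PFCTL)
    for r in parsed:
        print(f"@{r['index']} {r['rule']}: eval={r['evaluations']} "
              f"pkts={r['packets']} bytes={r['bytes']} states={r['states']}")
    print(diagnose(parsed))
    print("pf matched traffic on this host:", filter_is_active(parsed))
```

Feed it the saved output of `pfctl -gvvsa` from the bridge host; a catch-all `block in` showing `matching` means pf is seeing and dropping frames on that path, while an all-`never-evaluated` result means the traffic is bypassing pf entirely, which is the distinction the thread is trying to draw.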
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200308271625.05235.alan>