From owner-freebsd-questions@FreeBSD.ORG Fri Jul 2 21:25:41 2010
Date: Fri, 2 Jul 2010 23:25:58 +0200
Message-Id: <201007022325.AA132710676@mail.Go2France.com>
From: "Len Conrad"
Subject: Subject: pf: pass in quick to port 25 still getting some blocks
Reply-To: lconrad@Go2France.com
List-Id: User questions

setting up pf on fbsd 7.2 for host security on a mail gateway.

the only rule for port 25 is:

    pass in quick on em0 inet proto tcp from any to $ext_if port = smtp flags S/SA keep state

and then last rule:

    block drop in log on em0 inet from any to $ext_if

while 1000s of connections to port 25 are getting through with the pass rule, several 100 connections are getting blocked with the default block rule, bypassing the pass rule.

I can't see how pf is selecting these connections to be blocked.

thanks
Len
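
An added diagnostic example, not part of Len's message: with `flags S/SA` the pass rule matches only packets that have SYN set and ACK clear, so any other packet to port 25 has to match a state entry created by `keep state` or it falls through to the final block rule. The Python below tallies logged blocks by TCP flags to show which case applies. The log format (tcpdump's `Flags [..]` output read from pflog), the sample lines and all function names are assumptions constructed for illustration.

```python
import re
from collections import Counter

# Constructed sample lines in the style of `tcpdump -n -e -ttt -i pflog0`
# (modern "Flags [..]" output assumed; addresses are documentation ranges).
SAMPLE_PFLOG = """\
00:00:01.000000 rule 12/0(match): block in on em0: 192.0.2.10.40112 > 198.51.100.25.25: Flags [F.], seq 811, ack 402, win 65535, length 0
00:00:02.000000 rule 12/0(match): block in on em0: 192.0.2.44.51877 > 198.51.100.25.25: Flags [R], seq 1934, win 0, length 0
00:00:03.000000 rule 12/0(match): block in on em0: 192.0.2.10.40112 > 198.51.100.25.25: Flags [.], ack 402, win 65535, length 0
00:00:04.000000 rule 12/0(match): block in on em0: 203.0.113.7.33001 > 198.51.100.25.25: Flags [S], seq 77, win 5840, length 0
00:00:05.000000 rule 12/0(match): block in on em0: 203.0.113.9.2201 > 198.51.100.25.22: Flags [S], seq 5, win 5840, length 0
"""

# Destination is printed as address.port, so split the port off the end.
LINE_RE = re.compile(
    r"block in on (?P<ifc>\S+): (?P<src>\S+) > (?P<dst>[\d.]+)\.(?P<dport>\d+): "
    r"Flags \[(?P<flags>[A-Z.]+)\]"
)


def matches_s_sa(flags: str) -> bool:
    """pf `flags S/SA`: of the SYN and ACK bits, only SYN may be set.
    tcpdump prints the ACK bit as '.'."""
    return "S" in flags and "." not in flags


def classify_blocks(log_text: str, port: int = 25) -> Counter:
    """Tally blocked packets to `port` by whether the pass rule could match."""
    tally = Counter()
    for line in log_text.splitlines():
        m = LINE_RE.search(line)
        if not m or int(m.group("dport")) != port:
            continue
        if matches_s_sa(m.group("flags")):
            # Initial SYN: the pass rule should have matched, so the
            # loaded ruleset (pfctl -sr) is worth re-checking.
            tally["syn_should_have_passed"] += 1
        else:
            # FIN/RST/ACK without a matching state entry: the pass rule
            # never applies to these, only the state table does.
            tally["non_syn_no_state"] += 1
    return tally


if __name__ == "__main__":
    for kind, count in classify_blocks(SAMPLE_PFLOG).items():
        print(f"{kind}: {count}")
```
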