Skip site navigation (1)Skip section navigation (2)
Date:      Mon, 27 Feb 2012 11:58:02 -0500
From:      Jon Radel <jon@radel.com>
To:        "Bender, Chris" <chris_bender@cellularatsea.com>
Cc:        freebsd-questions@freebsd.org
Subject:   Re: Email issues, relay failure
Message-ID:  <4F4BB61A.1060600@radel.com>
In-Reply-To: <assp.0404fbad3d.863259E16B6C464DAD1E9DD10BB31154059CFDA4@wmsexg01.corp.cellularatsea.com>
References:  <863259E16B6C464DAD1E9DD10BB31154059CFBAE@wmsexg01.corp.cellularatsea.com> <4F48BAF6.9070204@ifdnrg.com> <863259E16B6C464DAD1E9DD10BB31154059CFBE7@wmsexg01.corp.cellularatsea.com> <4F48EC21.7040805@ifdnrg.com> <863259E16B6C464DAD1E9DD10BB31154059CFBEE@wmsexg01.corp.cellularatsea.com> <4F48F45F.4080304@ifdnrg.com> <863259E16B6C464DAD1E9DD10BB31154059CFBF4@wmsexg01.corp.cellularatsea.com> <4F492262.5090505@radel.com> <7409DAB4-F76A-493B-9A50-A663E6F6802E@cellularatsea.com> <4F4BB19A.8040005@radel.com> <assp.0404fbad3d.863259E16B6C464DAD1E9DD10BB31154059CFDA4@wmsexg01.corp.cellularatsea.com>

Next in thread | Previous in thread | Raw E-Mail | Index | Archive | Help

This is a cryptographically signed message in MIME format.

--------------ms080506060205070603050200
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: quoted-printable

On 2/27/12 11:45 AM, Bender, Chris wrote:

> I was thinking about just reloading the pf.conf but I have never worked=

> with pf so
> I am worried other things might break. My thought was by doing that the=

> Adaptive part of the pfctl would be restarted?

Any pf.conf file I've ever seen does something sensible  after reload.=20
I suspect one could write something perverse that blows up on restart,=20
but that would making rebooting the machine problematic....

>
> Does that make sense would reloading the rules wash the adaptive
> behavior away or
> Would all that still be in some sort of bruteforce file to protect the
> firewall?

pf can load data from files when it starts or just manage things in a=20
fashion that is transient upon restart.  Hard to say what's happening in =

your case w/o a clue as to what's in pf.conf.

I'd suggest that you at the very least whitelist internal SMTP speakers=20
that you expect to get e-mail from on a regular basis, even if you do=20
throttling of SMTP connections in general.  Much less messy....

--=20
--Jon Radel
jon@radel.com


--------------ms080506060205070603050200--



Want to link to this message? Use this URL: <http://docs.FreeBSD.org/cgi/mid.cgi?4F4BB61A.1060600>