Date: Fri, 7 Mar 2008 13:37:11 -0600 From: "Preston Hagar" <prestonh@gmail.com> To: "Alaor Barroso de Carvalho Neto" <alaorneto@gmail.com> Cc: freebsd-questions@freebsd.org Subject: Re: Please help me with my PF config Message-ID: <8f5897560803071137k5be64b92j2a2de604661cb83e@mail.gmail.com> In-Reply-To: <2949641c0803061002t1861694ajb5ce75559a23bc33@mail.gmail.com> References: <2949641c0803060554q2ecba5e7g7920bf0b252277c9@mail.gmail.com> <47D00412.40803@locolomo.org> <2949641c0803061002t1861694ajb5ce75559a23bc33@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Thu, Mar 6, 2008 at 12:02 PM, Alaor Barroso de Carvalho Neto <alaorneto@gmail.com> wrote: > 2008/3/6, Erik Norgaard norgaard@locolomo.org: > I know my config is far away from a good config but it's the first time I > configure an firewall, and I have only basic english knowledge, I'm not > totally sure about I can and I can not do, even since I read the tutorials, > because my english skills aren't good enough. The "IN" and "OUT" stuff is > very confusing for me yet. > > But thankz a lot, it's working now. > > Hugs, > Alaor Neto > > It looks like you already have your problem solved. One utility you might want to look at is pftop. With it, you can see pretty much in real time what is going through pf and what is being blocked. This has helped me a lot to find out which rule in blocking something I need to let through. If you run pftop, then hit the right arrow key, it will have the rule that is being applied for a given connection on the far right-hand side. If you hit SHIFT+S it will order the connections by source ip to help you find what you are looking for. Once you have the rule number that is blocking the connection you need to let through, hit the right arrow 4 more times to see the list of rules and their corresponding numbers. It may or may not be of much use to you, but I have found pftop to be indispensable when setting up pf firewalls. Preston
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?8f5897560803071137k5be64b92j2a2de604661cb83e>