Date: Thu, 31 Jan 2019 21:44:06 +0100 From: ASV <asv@inhio.net> To: Kristof Provost <kristof@sigsegv.be> Cc: questions list <freebsd-questions@freebsd.org> Subject: Re: PF issue since 11.2-RELEASE Message-ID: <96a0871e6a30b042378fc5526a70a8ccfa803ef6.camel@inhio.net> In-Reply-To: <20190131112237.GC57976@vega.codepro.be> References: <989e79372513e9769c6857b531f14df8ce0b6f3a.camel@inhio.net> <F26DA908-F2AC-4CBF-8227-A4C3D21865EE@FreeBSD.org> <e336fd332455cc9fe9f722482aae09ed6eeab610.camel@inhio.net> <51F0845A-2BB3-4BC9-977D-BB0E6C305ED3@FreeBSD.org> <a801e46a5c4ca3aaa8bc4d6b270319840908ad44.camel@inhio.net> <20190129193609.GB57976@vega.codepro.be> <c89b0bfc5decb895432b8427e4e70d58c5a7f0c9.camel@inhio.net> <20190131112237.GC57976@vega.codepro.be>
next in thread | previous in thread | raw e-mail | index | archive | help
--=-+3SFJ77KJeoql2Q8kE7g Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable On Thu, 2019-01-31 at 12:22 +0100, Kristof Provost wrote: > What does pflog show? 00:00:00.000000 rule 25/0(match): pass in on lagg0: 212.83.XXX.XXX.5441 > 1= 00.100.10.XXX.5060: SIP: REGISTER sip:100.100.10.[!sip] 00:00:48.499578 rule 25/0(match): pass in on lagg0: 212.83.XXX.XXX.5457 > 1= 00.100.10.XXX.5060: SIP: REGISTER sip:100.100.10.[!sip] 00:00:48.182323 rule 25/0(match): pass in on lagg0: 212.83.XXX.XXX.5449 > 1= 00.100.10.XXX.5060: SIP: REGISTER sip:100.100.10.[!sip] 00:00:47.866652 rule 25/0(match): pass in on lagg0: 212.83.XXX.XXX.5477 > 1= 00.100.10.XXX.5060: SIP: REGISTER sip:100.100.10.[!sip] 00:00:47.801770 rule 25/0(match): pass in on lagg0: 212.83.XXX.XXX.5484 > 1= 00.100.10.XXX.5060: SIP: REGISTER sip:100.100.10.[!sip] 00:00:48.091841 rule 25/0(match): pass in on lagg0: 212.83.XXX.XXX.5594 > 1= 00.100.10.XXX.5060: SIP: REGISTER sip:100.100.10.[!sip] By the way, among my tests I've discovered that connectivity issues re- occur as soon as I mix network ranges and IP addresses within the same table (not even pf restart seems to make it work properly again). I used to have a script to populate a separate table with the spammers and from time to time I was adding network ranges when multiple (many) IP addresses within the same range were bombing me so I know it worked pretty well .... even when IP addresses were overlapping already specified ranges. Ex. 120.30.0.0/24 213.156.32.2 ......... ......... --=-+3SFJ77KJeoql2Q8kE7g Content-Type: application/pgp-signature; name="signature.asc" Content-Description: This is a digitally signed message part Content-Transfer-Encoding: 7bit -----BEGIN PGP SIGNATURE----- iQEzBAABCgAdFiEE5dE8BwbhhcQw2TsezaQsUNd+zIkFAlxTXhYACgkQzaQsUNd+ zImwZQgApr10fMHs/xVO2wQV+fbxOG33bgYEpOlnLIEhkbRcuBAqFcog0c/JPlot YV/RV61aByuloAls4KjpZjW9oJ9wwG8diAL4Hk6uBhFShehiPTXp6BIHap61lgTw 0kewOoLBrhkq/+5C/JcFtilayitpb76qbeSATAiUJhzMvqFdUA+J1BaSfvO/qDxM 8N0dcQzZsqdbYQwZfDx8xuXuge+Sx8fHyxttAE7hyMxkFtKqhBRqVUEzEbJkGQ0Y +4vcxCf9EwajQ9t8lJYk8Xat/G3MM8zUJgH9CBmFYGFPiZ322pu3ezEE8/Pl+8FV f/QAOh5xUv8NAm8H33ZAjG7PyRJHwQ== =6kZ5 -----END PGP SIGNATURE----- --=-+3SFJ77KJeoql2Q8kE7g--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?96a0871e6a30b042378fc5526a70a8ccfa803ef6.camel>