Date:      Wed, 7 May 2008 13:34:00 -0400
From:      "Ansar Mohammed" <ansarm@gmail.com>
To:        <freebsd-pf@freebsd.org>
Subject:   UDP weirdness
Message-ID:  <004f01c8b068$89c89350$9d59b9f0$@com>

I have a very simple configuration yet I am bemused as to what I am doing
wrong.


Windows 2003        <- FreeBSD-PF ->                Windows 2003
192.168.3.2         192.168.3.1   192.168.2.2       192.168.2.130
Here are my rules


ext_if="le0"                  # external interface, 192.168.2.2
int_if="le1"                  # internal interface, 192.168.3.1
int_net="192.168.3.0/24"
ext_net="192.168.2.0/24"
int_addr="192.168.3.1"
ext_addr="192.168.2.2"
scrub on $ext_if all reassemble tcp
scrub on $int_if all reassemble tcp
# Filter rules; rule numbers in pflog count from 0 here, so "rule 0" is this block rule.
block in log all
pass in proto icmp from any to any
# Matches only packets whose destination port is 53, on any interface;
# no rule below carries an explicit "keep state".
pass in proto udp from any to any port 53
pass in on $ext_if inet proto tcp from any to any port 3389


DNS traffic is allowed through, but the return packet gets blocked. Can anyone
explain why?
This is true for ALL UDP traffic; TCP traffic works well.

Pflog message:

065276 rule 0/0(match): block in on le1: 192.168.3.2.53 > 192.168.2.130.3837: [|domain]
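The pflog line says the reply (source port 53, destination the client's ephemeral port 3837) arrived inbound on le1 and matched rule 0, which in the ruleset above is "block in log all": it hit no pass rule, because no pass rule names port 3837 as a destination, and it matched no state entry. The usual stateful form of the same ruleset is shown below as an added example; it is not from the original post or any reply, and the page does not establish that it resolves the poster's case. It assumes the same interfaces and addresses as the post and that 192.168.3.2 is the host answering DNS. With "keep state" on the inbound pass rules, the query entering on $ext_if creates a floating state entry, and pf checks the reply on $int_if against that entry before it evaluates the rules, so the reply never reaches the block rule. On pf from OpenBSD 4.1 onward (imported by FreeBSD 7.0) pass rules keep state by default; on older pf "keep state" has to be written out.

```pf
ext_if="le0"
int_if="le1"
int_net="192.168.3.0/24"
ext_net="192.168.2.0/24"
dns_server="192.168.3.2"    # assumption: the internal Windows 2003 host serving DNS

scrub on $ext_if all reassemble tcp
scrub on $int_if all reassemble tcp

# Rule 0: default deny for inbound packets on every interface, logged to pflog.
block in log all

pass in inet proto icmp all keep state

# DNS: the query from the external net to the internal server creates state;
# the UDP reply (src port 53 -> client's ephemeral port) entering on $int_if
# matches that state instead of being evaluated against the rules.
pass in on $ext_if inet proto udp from $ext_net to $dns_server port 53 keep state
pass in on $ext_if inet proto tcp from $ext_net to $dns_server port 53 flags S/SA keep state

# RDP to the internal net, same stateful treatment.
pass in on $ext_if inet proto tcp from $ext_net to $int_net port 3389 flags S/SA keep state
```

To confirm that state is actually being created, send a query and run `pfctl -ss` on the firewall; a line of the form `all udp 192.168.3.2:53 <- 192.168.2.130:3837` should appear while the state is live. `pfctl -vvsr` prints the loaded filter rules with their @N numbers, which is what the "rule N" in a pflog entry refers to, so it is the quickest way to map a logged block back to the rule that caused it.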
