Date: Thu, 16 Sep 2004 04:00:51 -0000 From: jb <jb@riseup.net> To: Max Laier <max@love2party.net> Cc: pf4freebsd@freelists.org Subject: [pf4freebsd] Re: problem with 'user' Message-ID: <20040202135503.GA1715@fried.sakeos.net> In-Reply-To: <200402011931.28647.max@love2party.net> References: <20040130123456.GA773@fried.sakeos.net> <20040131070219.GA72233@kt-is.co.kr> <20040131170657.GA5331@fried.sakeos.net> <200402011931.28647.max@love2party.net>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sun, Feb 01, 2004 at 07:31:28PM +0100, Max Laier wrote: >=20 > Please let us know if that was the case and we can assume that the user= =20 > stuff is working correctly now. Anyone else seeing this? it is possible there's something funny in my setup or something wrong I f= ail to see. I have the following: bash-2.05b$ sudo pfctl -Fs states cleared bash-2.05b$ sudo pfctl -f pf.ping bash-2.05b$ sudo pfctl -vvsr @0 pass in on lo0 all [ Evaluations: 0 Packets: 0 Bytes: 0 States: = 0 ] @1 pass out on lo0 all [ Evaluations: 0 Packets: 0 Bytes: 0 States: = 0 ] @2 block drop in log all [ Evaluations: 0 Packets: 0 Bytes: 0 States: = 0 ] @3 block drop out log all [ Evaluations: 0 Packets: 0 Bytes: 0 States: = 0 ] @4 pass out log quick all user =3D 1003 keep state [ Evaluations: 0 Packets: 0 Bytes: 0 States: = 0 ] @5 block drop out log proto icmp all [ Evaluations: 0 Packets: 0 Bytes: 0 States: = 0 ] # as user 1001: bash-2.05b$ ping 10.0.0.2 PING 10.0.0.2 (10.0.0.2): 56 data bytes 64 bytes from 10.0.0.2: icmp_seq=3D0 ttl=3D64 time=3D0.795 ms 64 bytes from 10.0.0.2: icmp_seq=3D1 ttl=3D64 time=3D0.693 ms 64 bytes from 10.0.0.2: icmp_seq=3D2 ttl=3D64 time=3D0.730 ms bash-2.05b$ sudo pfctl -vvsr @0 pass in on lo0 all [ Evaluations: 1 Packets: 0 Bytes: 0 States: = 0 ] @1 pass out on lo0 all [ Evaluations: 0 Packets: 0 Bytes: 0 States: = 0 ] @2 block drop in log all [ Evaluations: 1 Packets: 0 Bytes: 0 States: = 0 ] @3 block drop out log all [ Evaluations: 1 Packets: 0 Bytes: 0 States: = 0 ] @4 pass out log quick all user =3D 1003 keep state [ Evaluations: 1 Packets: 6 Bytes: 504 States: = 1 ] @5 block drop out log proto icmp all [ Evaluations: 0 Packets: 0 Bytes: 0 States: = 0 ] # in the meantime: bash-2.05b$ sudo pftcpdump -n -e -ttt -i pflog0 pftcpdump: WARNING: pflog0: no IPv4 address assigned pftcpdump: listening on pflog0 52. 041780 rule 4/0(match): pass out on sis0: 10.0.0.90 > 10.0.0.2: icmp:= echo request I've applied the patch Pyun sent me in the sources directly. I may have = done something weird at that moment. I will re-do things properly from ports/ later' jb
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20040202135503.GA1715>