Hello all. I have a ruleset where I am explicitly allowing incoming connections on port 22 (default is block log all). For some weird reason they are getting blocked.
The log says:

Apr 21 17:09:49.105052 rule 1/(match) block in on fxp0: my.client.ip.here.54711 > my.server.ip.here.22: S 2999658291:2999658291(0) win 5840 <mss 1460,sackOK,timestamp 7094694[|tcp]>

Using OBSD 4.6. The name of the interface does match with ifconfig (only 1 network card). pass out works without any problem.

dns_servers = "{ 208.67.222.220, 208.67.222.222, 4.2.2.1, 4.2.2.2 }"

set block-policy drop
set loginterface $t_externa
set skip on lo
set debug urgent

##scrub
match in all scrub (no-df)

##translation

## filter rules
block log all
pass out
antispoof quick for { lo $t_externa }

## Traffic IN
pass in log quick on $t_externa inet proto { tcp, udp } from any to ($t_externa) \
    port { 22 8080 } keep state

## Traffic OUT
pass out quick on $t_externa inet proto { tcp, udp } from ($t_externa) to $dns_servers \
    port 53 keep state
pass out quick on $t_externa inet proto { tcp } from ($t_externa) to any \
    port { 80 443 } flags S/SA modulate state
pass out inet proto icmp all icmp-type { echoreq, unreach } keep state

Please help!

Thanks
Andres