Hello!
Some time ago I already had business with ipf and everything was ok (I
used manual to create rules), server worked perfetcly.
Now I'am trying to setup the same server, but with newer version of
FreeBSD (8.1-RELEASE), the same manuals, the same settings, everything
works except firewall, and there is something strange:
for example, I have rules in my /etc/ipf.rules:
Code:
pass out quick on fxp0 all
pass in log quick on fxp0 proto tcp from any to any port = 80
block in log first quick on fxp0 all
in this case ipmon shows:
Code:
... fxp0 *...@0:1 p *xx.xx.xx.xx -> xx.xx.xx.xx,80 PR tcp len ...
that is OK
now I change second rule to:
Code:
pass in log quick on fxp0 proto tcp from any to any port = 80 flags S keep state
# because I want to use statefull firewall ofcourse
in this case ipmon shows:
Code:
... fxp0 *...@0:2 b* xx.xx.xx.xx -> xx.xx.xx.xx,80 PR tcp len ...
and that is NOT OK
I don't understand why, but now my connection does not match my rule...
why? can someone explain in to me?
May it be that there is some kind of bug and i have to patch my system?
_______________________________________________
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"