On cs, aug 16, 2012 at 20:43:18 +0100, Kevin Chadwick wrote:
> > > > pass all flags S/SA
> > > > pass in on pppoe0 inet proto tcp from to port = flags
> > > > S/SA synproxy state
> > > >
>
> Originally you posted pass in quick. Keep the quick in there, not for
> any reason other than I ha
> > > pass all flags S/SA
> > > pass in on pppoe0 inet proto tcp from to port = flags
> > > S/SA synproxy state
> > >
Originally you posted pass in quick. Keep the quick in there, not for
any reason other than I have a quick in my rules. Same with the NIC, I
don't have any logical hopes f
On cs, aug 16, 2012 at 15:10:51 +0100, Kevin Chadwick wrote:
> > # pfctl -sr
> > pass all flags S/SA
> > pass in on pppoe0 inet proto tcp from to port = flags S/SA
> > synproxy state
> >
> > This is the only rule. Otherwise it's just 'pass all'. If I remove this
> > rule too *or* change sy
On cs, aug 16, 2012 at 17:18:08 +0200, Christopher Zimmermann wrote:
> On Thu, 16 Aug 2012 14:37:50 +0200
> LEVAI Daniel wrote:
>
> > On cs, aug 16, 2012 at 14:26:05 +0200, LEVAI Daniel wrote:
> > > On cs, aug 16, 2012 at 12:20:56 +0100, Kevin Chadwick wrote:
> > > > > Any help would be appreciat
On Thu, 16 Aug 2012 14:37:50 +0200
LEVAI Daniel wrote:
> On cs, aug 16, 2012 at 14:26:05 +0200, LEVAI Daniel wrote:
> > On cs, aug 16, 2012 at 12:20:56 +0100, Kevin Chadwick wrote:
> > > > Any help would be appreciated.
> > >
> > > Works for me on 5.1
> > >
> > > I don't think it's the rule but
> # pfctl -sr
> pass all flags S/SA
> pass in on pppoe0 inet proto tcp from to port = flags S/SA
> synproxy state
>
> This is the only rule. Otherwise it's just 'pass all'. If I remove this
> rule too *or* change synproxy to keep, the connection is working.
>
I remember being puzzled by t
On cs, aug 16, 2012 at 14:26:05 +0200, LEVAI Daniel wrote:
> On cs, aug 16, 2012 at 12:20:56 +0100, Kevin Chadwick wrote:
> > > Any help would be appreciated.
> >
> > Works for me on 5.1
> >
> > I don't think it's the rule but the combination of rules. Try reordering
> > your ruleset. I've had a
On cs, aug 16, 2012 at 12:20:56 +0100, Kevin Chadwick wrote:
> > Any help would be appreciated.
>
> Works for me on 5.1
>
> I don't think it's the rule but the combination of rules. Try reordering
> your ruleset. I've had a problem before but I forget or never found the
> specific reason.
Okay,
> Any help would be appreciated.
Works for me on 5.1
I don't think it's the rule but the combination of rules. Try reordering
your ruleset. I've had a problem before but I forget or never found the
specific reason.
--
___
'Wr
On cs, aug 16, 2012 at 12:19:06 +0200, LEVAI Daniel wrote:
[...]
Forgot the dmesg. If it matters.
OpenBSD 5.1-stable (GENERIC) #0: Tue Aug 7 02:00:34 CEST 2012
root@.:/usr/src/sys/arch/i386/compile/GENERIC
cpu0: Intel(R) Pentium(R) 4 CPU 2.40GHz ("GenuineIntel" 686-class) 2.42 GHz
cpu0:
FPU
Hi!
I'm using 5.1-stable on two machines with pppoe connections. The pf
synproxy state option doesn't work on pppoe interfaces, it just sends
back a TCP reset when trying to connect to a port configured with
synproxy state.
Meanwhile it works on any other interface (eg. the internal LAN
interfac
11 matches
Mail list logo
