On Tue, Dec 20, 2005 at 07:05:45PM +0300, Sizov Alexander wrote:
> Hi!
>
> I have OpenBSD 3.8+vsftpd (from ports)+pf on my box.
> pfrules:
> table <rusip> persist file "/etc/rusip"
> block in from any to xx.xxx.xx.xxx
> pass in from <rusip> to xx.xxx.xx.xxx
> pass in from yy.yy.yyy.yy to xx.xxx.xx.xxx
> where xx.xxx.xx.xxx - server's ip.
> when I try to exec 'tcpdump -n -e -ttt -i pflog0' - all ftp
> connections are dropping and blocking new connections.
There is not really enough information here to suggest a solution, but
be aware that vsftpd will not play nice with pf by default, as FTP is
always likely to do.
Also, 'keep state' will keep your box happy.
Joachim
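
An added illustration of the two points in the reply above (not part of the original thread, and not a diagnosis of the reported problem): the posted ruleset rewritten with 'keep state', plus an explicit rule for the FTP passive data channel. The macro name, the passive port range, and the matching vsftpd.conf settings are assumptions chosen for the example; xx.xxx.xx.xxx and yy.yy.yyy.yy are the placeholders from the original post.

```pf
# /etc/pf.conf fragment (added example, OpenBSD 3.8-era syntax)
# Assumption: vsftpd.conf pins the passive data ports to a fixed range:
#   pasv_min_port=49152
#   pasv_max_port=65535

server = "xx.xxx.xx.xxx"              # placeholder from the post
table <rusip> persist file "/etc/rusip"

block in from any to $server

# Control connection. On 3.8 a pass rule is stateless unless it says
# 'keep state'; 'flags S/SA' creates state only on the initial SYN.
pass in proto tcp from <rusip>      to $server port 21 flags S/SA keep state
pass in proto tcp from yy.yy.yyy.yy to $server port 21 flags S/SA keep state

# Passive mode: the client opens a second connection to a port the
# server picked, so the range configured in vsftpd.conf must be passed.
pass in proto tcp from <rusip>      to $server port 49152:65535 flags S/SA keep state
pass in proto tcp from yy.yy.yyy.yy to $server port 49152:65535 flags S/SA keep state

# Active mode: the server connects out from port 20; keeping state on the
# outbound SYN lets the replies back in past the 'block in' rule.
pass out proto tcp from $server to any flags S/SA keep state
```

The ruleset can be syntax-checked without loading it using 'pfctl -nf /etc/pf.conf'.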