I keep seeing this in my mail log:
I have set up a table in pf.conf:
And this is my table:
I have "restarted" pf with:
I'm lost!
Code:
Oct 5 07:28:56 srv04 postfix/smtpd[27489]: connect from unknown[185.234.219.57]
Oct 5 07:28:57 srv04 postfix/smtpd[27489]: lost connection after AUTH from unknown[185.234.219.57]
Oct 5 07:28:57 srv04 postfix/smtpd[27489]: disconnect from unknown[185.234.219.57] ehlo=1 auth=0/1 commands=1/2
I have set up a table in pf.conf:
Code:
ext_if="vmx0"
me="123.123.123.123"
good_tcp_ports="{ 28300,443,80,25,22334 }"
set skip on lo0
block in all
block out all
pass in quick on $ext_if inet proto tcp from any to $me port $good_tcp_ports
pass in on $ext_if proto tcp from any to $me port 22334 flags S/SA synproxy state
pass in on $ext_if proto tcp from any to $me port > 40000 keep state
pass out keep state
pass in quick on $ext_if inet proto udp from any port 53 to $me
pass in on $ext_if inet proto icmp all icmp-type echoreq keep state
pass out quick on $ext_if inet proto { tcp, udp, icmp } from $me to any
table <blockedips> persist file "/usr/local/etc/pf.blocked.ip.conf"
block drop in log (all) quick on $ext_if from <blockedips> to any
And this is my table:
pfctl -t blockedips -T show
Code:
185.234.219.0/24
185.234.219.100
185.234.219.56
185.234.219.57
185.0.0.0/24
I have "restarted" pf with:
pfctl -f /usr/local/etc/pf.conf
I'm lost!