Hi
I have a problem (again) with PF firewall. In my config file for the rules I have the following lines (among others)
Code:
table <homeLAN> const { 192.168.199.0/24, 192.168.200.0/24, 10.66.77.0/24, 127.0.0.1 }
pass in quick proto { udp tcp } from <homeLAN> to any port { 993 3483 9000 }
block in log quick proto { udp tcp } from any to any port { 137 138 139 445 993 3483 9000 }
so in my understanding every IP from <homeLAN>-table should be allowed to access those ports in the 2nd rule. But if I check the blocked packets with
Code:
$ tcpdump -n -e -ttt -i pflog0
I can see the following
Code:
00:00:00.484582 rule 40..16777216/0(match): block in on em1: 192.168.199.51.45641 > 192.168.200.203.9000: Flags [F.], seq 0, ack 2, win 3456, options [nop,nop,TS val 110843131 ecr 351052784], length 0
00:00:12.971526 rule 40..16777216/0(match): block in on em1: 192.168.199.51.45641 > 192.168.200.203.9000: Flags [.], ack 2, win 3456, options [nop,nop,TS val 110844638 ecr 351068344,[|tcp]>
the sending IP is within <homeLAN>-table but the packets get dropped anyway. Am I missing an important point or why do these packets get blocked?
Thanks for any idea
tobi
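An added example, not part of the original post: a small Python check that takes the two pflog lines quoted above and tests each against the three things the pass rule has to match (source in `<homeLAN>`, listed destination port, TCP flags). It assumes the pass rule carries pf's default `flags S/SA keep state`, so a TCP packet that belongs to no existing state and is not an initial SYN falls through to the next rule; the function and variable names are illustrative.

```python
import ipaddress
import re

# Table contents and ports copied from the pf.conf lines in the post.
HOME_LAN = [ipaddress.ip_network(n) for n in
            ("192.168.199.0/24", "192.168.200.0/24", "10.66.77.0/24", "127.0.0.1/32")]
PASS_PORTS = {993, 3483, 9000}

# The two pflog lines quoted in the post (TCP options trimmed for brevity).
PFLOG_LINES = [
    "00:00:00.484582 rule 40..16777216/0(match): block in on em1: "
    "192.168.199.51.45641 > 192.168.200.203.9000: Flags [F.], seq 0, ack 2, win 3456, length 0",
    "00:00:12.971526 rule 40..16777216/0(match): block in on em1: "
    "192.168.199.51.45641 > 192.168.200.203.9000: Flags [.], ack 2, win 3456",
]

LINE_RE = re.compile(
    r"(?P<action>block|pass) in on \S+: "
    r"(?P<src>\d+\.\d+\.\d+\.\d+)\.\d+ > \d+\.\d+\.\d+\.\d+\.(?P<dport>\d+): "
    r"Flags \[(?P<flags>[^\]]*)\]")

def is_initial_syn(flags):
    """True when SYN is set and ACK ('.' in tcpdump) is not: pf's `flags S/SA`."""
    return "S" in flags and "." not in flags

def explain(line):
    """Return (src_in_table, port_listed, matches_flags_S_SA) for one pflog line."""
    m = LINE_RE.search(line)
    if m is None:
        raise ValueError("unrecognised pflog line")
    src = ipaddress.ip_address(m["src"])
    in_table = any(src in net for net in HOME_LAN)
    return in_table, int(m["dport"]) in PASS_PORTS, is_initial_syn(m["flags"])

if __name__ == "__main__":
    for line in PFLOG_LINES:
        in_table, port_ok, syn = explain(line)
        print(f"src in <homeLAN>={in_table}  port listed={port_ok}  initial SYN={syn}")
```

Both logged packets satisfy the address and port criteria but carry `F.` and `.` flags, so under the stated assumption they can only be passed by an existing state entry, not by the pass rule itself.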