bad ruleset - pf not keeping state for some bridged connections?
Ask Bjørn Hansen
ask at develooper.com
Wed Sep 20 01:48:35 PDT 2006
On Sep 6, 2006, at 20:17, Ask Bjørn Hansen wrote:
> I am having a bit of trouble with my pf ruleset that I can't figure
> out.
>
> My ISP gives me a few static IPs, so I have a Soekris box running
> as a bridging firewall running 6.0-RELEASE-p4.
>
> It does NAT for my RFC1918 net and does the bridging firewall for
> my public IPs.
>
> I've posted my pf.conf here:
> http://tmp.askask.com/2006/09/pf.conf
>
> The bridge is set up with
> net.link.bridge.pfil_bridge=0
> net.link.bridge.pfil_member=1
>
> Some months ago I must have changed something that makes incoming
> ssh connections not (always) work.
[... http://lists.freebsd.org/pipermail/freebsd-pf/2006-September/002616.html ..]
Actually, I noticed something else:
It's only when the box behind the FreeBSD box is running Fedora 5
this happens. A few packets are sent back and forth and then it's
like the session is dropped.
With OS X or RHEL the sessions get going just fine.
Any ideas for what to look for to debug this?
- ask
--
http://www.askbjoernhansen.com/