Issue with PF on FreeBSD 6.2.5?
Laurent LEVIER
llevier at argosnet.com
Fri Jul 6 19:15:57 UTC 2007
Hi All,
At 02:30 06/07/2007, David DeSimone wrote:
>Do you mean that you checked the session table (pfctl -ss) before and
>after running the pfctl -k command, and you find that the session is not
>removed?
First, thanks for your help.
I finally found the issue...
I was pinging indefinitely a host to check barring.
Apparently, UDP & TCP are really blocked right after the pfctl -k,
but ICMP ping (a ping -t from Windoze) keeps working.
Whatever I attempted to do, I did not succeeded setting up a real
barring on all ports & protocols.
I must now check some other weird protocols as AH/ESP to ensure the
HotSpot really bars properly traffic.
Brgrds
Laurent LEVIER
Systems & Networks Senior Security Expert, CISSP CISM
More information about the freebsd-pf
mailing list