PF in FreeBSD 10.0 Blocking Some SSH

Robert Simmons rsimmons0 at gmail.com
Sun Jan 26 23:19:36 UTC 2014


Over the course of a few hours there are a handful of SSH packets that
are being blocked both in and out. This does not seem to affect the
SSH session, and all the blocked packets have certain flags set [FP.],
[R.], [P.], [.], [F.]. The following is my ruleset abbreviated to the
rules that apply to this problem:

ext_if = "en0"
allowed = "{ 192.168.1.10 }"
std_tcp_in = "{ ssh }"
block in log
block out log (user)
pass in quick on $ext_if proto tcp from $allowed to ($ext_if) port $std_tcp_in keep state

Why are those packets being blocked?

