ipf blocking pass rule
James Bowman Sineath, III
sineathj1 at citadel.edu
Thu Jun 9 19:24:34 GMT 2005
Thank you, I wasn't aware that it did that.
Your response was my first impression as well, however I looked at it
further and I don't believe that is the case. When I have log first in my
other rules, it rarely takes effect. I used it to cut down on the number of
logs produced, but it only does so within a very short amount of time. I
also have not experienced that problem with any other rules or ports, even
though I have log first in most of my rules.
It always seems to block every other connection attempt, regardless of
timing. It passes the first connection, then the second connection occurs
five minutes later and is blocked, then the process is repeated. Five
minutes later I get another connection attempt that is passed, then the next
one is blocked five minutes later. I don't have this problem with any other
ports or rules, even though this rule is identical to my other pass in rules
except for port number. Thanks again.
> James Bowman Sineath, III wrote:
> You should send messages to the list directly. When you start your
> question by hitting "reply" to a question about shell accounts, your
> message will be lumped under there in a lot of mail clients, and is less
> likely to be seen.
>> I have the following rule in my ipf.rules:
>> pass in log first quick on xl0 proto tcp from any to any port = 25 keep
>> for some reason it will pass the first connection but block the next. A
>> log is below. Any ideas on why this is happening would be much
> I'm no IPF expert, but I'd wonder if "pass in log FIRST quick" is doing
> exactly what you describe correctly ...