pf and http (ebay)?

Dick Davies rasputnik at
Fri Apr 8 09:41:57 PDT 2005

I have pf running on my laptop with a config including:

  pass out on $ext_if proto { tcp, udp } all keep state

(there's a 'block in log all' and a couple of services allowed in too
further up, but that's the gist of it.)

which works well for some sites but not all. In particular,
going to 'my ebay' hangs Firefox with a

'waiting for'

message on the status bar.

pflog looks like:

  root$ tcpdump -r /var/log/pflog|grep ebay
  reading from file /var/log/pflog, link-type PFLOG (OpenBSD pflog file)
  17:29:56.885697 IP > laptop.ip.60674: R 2025419634:2025419634(0) ack 1452466570 win 64240
  17:30:07.917906 IP > laptop.ip.52293: R 1766217212:1766217212(0) ack 1086438034 win 64240

My guess is that pf is not letting the responses back from that
server because Firefox didn't request from that server?
But ipf on the gateway (which has a similar outbound keep state rule)
never had this problem - any idea what's going on, or how I can debug this?


'And if you think you're going to bleed all over me
you're even wronger than you normally be'
		-- The Specials, 'Little Bitch'
Rasputin :: Jack of All Trades - Master of Nuns
