RE: Very Annoying problem... blocks everything...

On Mon, 2002-12-16 at 22:46, Shawn Mitchell wrote:
> On the "tcpdump -nettti pflog0" command, should everything match the last
> two rules, which are:
> pass in log quick inet from any to any
> pass out log quick inet from any to any

No.  You have a gazillion other "quick" rules in front of these.  The
first one that matches is going to force the action.  That's why "quick"
should be used very conservatively.
Otherwise, last match wins.

> They were block, but I changed them to pass so I could better see what's
> going on with live traffic...

Don't start changing your rules without monitoring your traffic.  What
kind of logged traffic are you seeing?  We can't help you if you don't
work with us.
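
The evaluation order described in the reply, as an added example that is not part of the original message: a simplified Python model of pf's top-to-bottom scan, where a matching "quick" rule ends evaluation and otherwise the last match wins. The `Rule` fields, `evaluate` and the sample ruleset are constructed for illustration; they are not the poster's rules and not pf's real parser.

```python
from dataclasses import dataclass
from typing import Optional


@dataclass
class Rule:
    action: str                   # "pass" or "block"
    direction: str                # "in" or "out"
    quick: bool = False
    proto: Optional[str] = None   # None matches any protocol
    port: Optional[int] = None    # None matches any destination port

    def matches(self, pkt):
        return (self.direction == pkt["dir"]
                and self.proto in (None, pkt["proto"])
                and self.port in (None, pkt["port"]))


def evaluate(rules, pkt):
    """Return (index, action) of the rule that decides the packet.

    Rules are scanned top to bottom. A matching quick rule stops the scan
    at once; without quick, each later match overrides the earlier one.
    If nothing matches, pf's implicit default is to pass.
    """
    decided = (None, "pass")
    for index, rule in enumerate(rules):
        if rule.matches(pkt):
            decided = (index, rule.action)
            if rule.quick:
                break
    return decided


# Constructed ruleset: earlier quick rules in front of two catch-all rules
# shaped like the ones quoted in the message.
RULESET = [
    Rule("block", "in", quick=True, proto="tcp", port=23),  # 0
    Rule("pass", "in", quick=True, proto="tcp", port=22),   # 1
    Rule("block", "in", proto="udp"),                       # 2 (no quick)
    Rule("pass", "in", quick=True),                         # 3 catch-all in
    Rule("pass", "out", quick=True),                        # 4 catch-all out
]

if __name__ == "__main__":
    for pkt in ({"dir": "in", "proto": "tcp", "port": 23},
                {"dir": "in", "proto": "udp", "port": 53},
                {"dir": "out", "proto": "tcp", "port": 80}):
        print(pkt, "->", evaluate(RULESET, pkt))
```

Only traffic that no earlier quick rule claims reaches the catch-all rules, so a log line is attributed to the earlier rule that decided the packet.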