
stateful??



Dear all, I got a problem regarding pf rules when migrating from OpenBSD 3.2 to 3.5. It seems to me that the pf preloaded with 3.5 (maybe 3.4 also) doesn't work as it should (not stateful??), and the best thing is, this was not a problem anymore when I reverted back to OpenBSD 3.2. So has anyone here got the same problem as me?? Thanks in advance :-)

My pf rules:
# basic rules

scrub in all
block in log on fxp0 from any to any
block out log on fxp0 from any to any

# allow receiving email + sending email
pass in log quick on fxp0 inet proto {tcp,udp} from any to $MAIL port = smtp keep state
pass in log quick on fxp0 inet proto tcp from any to $MAIL port = 995 modulate state
pass out log quick on fxp0 inet proto {tcp,udp} from $MAIL to any port = smtp keep state


#log

May 13 17:07:22.837513 rule 2/0(match): block out on fxp0: MAIL.25 > 66.218.67.37.47732: S 3830913519:3830913519(0) ack 1714351640 win 5840 <mss 1460> (DF)
May 13 17:07:26.263070 rule 2/0(match): block out on fxp0: MAIL.995 > 202.157.204.182.52483: S 3821601644:3821601644(0) ack 1249176818 win 5840 <mss 1460,nop,nop,sackOK> (DF)