[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: routing problems, (misconfig'd pf ruleset?)

To: misc_(_at_)_openbsd_(_dot_)_org
Subject: Re: routing problems, (misconfig'd pf ruleset?)
From: Daniel Hartmeier <daniel_(_at_)_benzedrine_(_dot_)_cx>
Date: Mon, 29 Oct 2001 01:21:05 +0100

On Sun, Oct 28, 2001 at 02:22:34PM -0800, eliab wrote:

> i can route to any addy as long as pf is disabled, but as soon as i bring
> it up, using pfctl -e, i get 'no route to host' when i ping anything, or
> try to ssh to any hosts.
> 
> how can i figure out what to pass through, if anything?

Add the 'log' option to all blocking rules (you already have that,
mostly), then check /var/log/pflog for entries (tcpdump -n -e -ttt -r
/var/log/pflog as per pflogd(8)). You'll see what packets are block by
what rules.

> block out log quick on $ext_if from ! 66.89.128.130 to any

This blocks all packets from going out if they don't have a source
address of 66.89.128.130. Is that what you want?

Daniel

Prev by Date: Re: Getting source from 2.8CD
Next by Date: Re: KDE 2.2.1 (was: Re: KDE 2.1.1)
Previous by thread: Re: routing problems, (misconfig'd pf ruleset?)
Next by thread: multibooting other *bsd's
Index(es):
- Date
- Thread

Visit your host, monkey.org