[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: vnc and pf

On Tue, 2004-12-28 at 11:57, Jayel Villamin wrote:
> I have been looking at this tcpdump log for the last hour.
> ------
> 03:26:46.533038 > S
> 111902708:111902708(0) win 65535 <mss 1460,nop,nop,sackOK> (DF)
> -----
> I have 2 subnets behind my obsd firewall. and
> as can be seen in the log, I'm trying to connect (via VNC) from
> to But every time I try it, PF blocks the
> connection which is correct cause the first packet filtering rule is a
> "block log all".
> I have tried numerous rule combo without much luck. I am not an expert
> with tcp internals so I really really appreciate if you could write
> the rule for me. Thanks :)

have you looked through:


and also:  man 5 pf.conf

in the spirit of the season:

  pass inet proto tcp from to port = 5905 \
    flags S/SA keep state


"Oh, so they have internet on computers now!"
	--The Simpsons

Visit your host, monkey.org