[pf4freebsd] Re: pfaltq-5.1.0.4 problem using fingerprinting
Bruno Afonso
brunomiguel at dequim.ist.utl.pt
Wed Sep 15 20:49:51 PDT 2004
Bruno Afonso wrote:
> All seems to be working fine including AltQ integration. Only a minor
> glitch when I do ifconfig. (box reboots... works perfectly fine on
> another 5.1 box. Probably a kernel option. Will do some more research on
> this...)
>
> Anyway, passive fingerprinting may have a bug,
> This is the important rule in question:
>
> #ssh
> pass in on $ext_if proto tcp from any os Windows to $main_ip port 22
> modulate state queue(interact_bulk,interact_ack)
>
> Without the "os Windows" everything works fine. And I am coming in from
> a Windows box as tcpdump shows:
To make it clear, it _never_ allows my remote windows box to log in.
More information about the freebsd-pf
mailing list