Whats wrong with this ruleset?
Max Laier
max at love2party.net
Wed Mar 2 01:48:03 GMT 2005
On Wednesday 02 March 2005 00:14, Gerard Samuel wrote:
> For some reason, port 53 is blocked going out of the external interface ->
> 000000 rule 0/0(match): block out on ed0: IP xx.xxx.xxx.xx.53 >
> xx.xx.xx.xxx.4973
>
> Im still new to pf, but shouldn't the last two lines allow anything
> going out
> to pass??
> Any ideas on how to fix?
Can you send the output of "$pfctl -vsr" after some packets have been blocked?
The match counters are extremely helpful when debugging such problems.
--
/"\ Best regards, | mlaier at freebsd.org
\ / Max Laier | ICQ #67774661
X http://pf4freebsd.love2party.net/ | mlaier at EFnet
/ \ ASCII Ribbon Campaign | Against HTML Mail and News
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 187 bytes
Desc: not available
Url : http://lists.freebsd.org/pipermail/freebsd-pf/attachments/20050302/f8041a8a/attachment.bin
More information about the freebsd-pf
mailing list