On 11 December 2009, at 19:30, Doug Hardie wrote:

> I am running 7.2-Stable with pf. I have the following pf.conf:
>
> no rdr inet proto tcp from <spamd-white-local> to any port smtp
> no rdr inet proto tcp from <spamd-white> to any port smtp
> rdr pass inet proto tcp from any to any port smtp -> 127.0.0.1 port spamd
>
> This is the basic spamd configuration with an extra table <spamd-white-local>
> which lists hosts to go directly to the mail server. Everything works
> properly. Hosts not in either spamd table go to spamd and those in either
> spamd table go directly to the mail server. However, the pf statistics don't
> seem to make sense to me. I always see the following:
>
> no rdr inet proto tcp from <spamd-white-local> to any port = smtp
>   [ Evaluations: 1193433   Packets: 0    Bytes: 0     States: 0 ]
>   [ Inserted: uid 0 pid 73310 ]
> no rdr inet proto tcp from <spamd-white> to any port = smtp
>   [ Evaluations: 110124    Packets: 0    Bytes: 0     States: 0 ]
>   [ Inserted: uid 0 pid 73310 ]
> rdr pass inet proto tcp from any to any port = smtp -> 127.0.0.1 port 8025
>   [ Evaluations: 110124    Packets: 63   Bytes: 3516  States: 1 ]
>   [ Inserted: uid 0 pid 73310 ]
>
> The first two entries never show any Packets and the third shows
> everything. Does "no rdr" work differently than "rdr" with the statistics?
> I understood from the Book of PF that the rules were evaluated such that the
> last matching rule is used. Hence I think that with the above conf file the
> spamd-white-local table would never get used, as the connection will match one
> of the two following rules.
>
> So I ran another test by putting the first rule last:
>
> no rdr inet proto tcp from <spamd-white> to any port smtp
> rdr pass inet proto tcp from any to any port smtp -> 127.0.0.1 port spamd
> no rdr inet proto tcp from <spamd-white-local> to any port smtp
>
> Now entries in <spamd-white-local> are ignored and the statistics are quite
> different:
>
> no rdr inet proto tcp from <spamd-white> to any port = smtp
>   [ Evaluations: 79        Packets: 0    Bytes: 0     States: 0 ]
>   [ Inserted: uid 0 pid 86983 ]
> rdr pass inet proto tcp from any to any port = smtp -> 127.0.0.1 port 8025
>   [ Evaluations: 52        Packets: 25   Bytes: 1395  States: 1 ]
>   [ Inserted: uid 0 pid 86983 ]
> no rdr inet proto tcp from <spamd-white-local> to any port = smtp
>   [ Evaluations: 0         Packets: 0    Bytes: 0     States: 0 ]
>   [ Inserted: uid 0 pid 86983 ]
>
> Now the last rule says it's never evaluated. This indicates that it's the
> first rule that matches that is used rather than the last. However, why are
> there never any packets counted in the "no rdr" rules?
It appears that my reply with the full pf.conf didn't make the list. I am trying again.

MAILHOSTS = "{zoon.lafn.org}"

table <spamd> persist
table <spamd-white> persist
table <spamd-white-local> persist file "/etc/mail/whitelist"

no rdr on { lo0, lo1 } from any to any
no rdr inet proto tcp from <spamd-white-local> to any port smtp
no rdr inet proto tcp from <spamd-white> to any port smtp
rdr pass inet proto tcp from any to any port smtp -> 127.0.0.1 port spamd

pass in log inet proto tcp to $MAILHOSTS port smtp keep state

_______________________________________________
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
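As an added illustration that is not part of the thread and not the poster's own code: a small Python model of how pf evaluates translation rules. pf.conf(5) documents that rdr/nat/binat rules are evaluated in order and the first matching rule decides (the last-match behaviour applies to filter rules, not translation rules), which is what the poster's second experiment shows. The model runs both rule orders from the thread over a few constructed client addresses; the table contents, client addresses and the helper names (Rule, evaluate, decision, run) are assumptions made for the example. It counts evaluations and matches only: it does not model pf's skip steps or the per-state packet and byte counters, so the absolute numbers in real pfctl -vsn output will differ.

```python
"""Toy first-match evaluator for pf translation (rdr / no rdr) rules.

Added example, not code from the thread.  Translation rules are evaluated
in order and the FIRST match wins (pf.conf(5)); the counters kept here are
per-rule 'evaluations' and 'matches' only.
"""
import ipaddress
from dataclasses import dataclass
from typing import Dict, List, Optional


@dataclass
class Rule:
    action: str                   # "no rdr" or "rdr"
    src_table: Optional[str]      # table name, or None for "from any"
    dport: int                    # destination port the rule matches
    target: Optional[str] = None  # "host:port" for an rdr rule
    evaluations: int = 0          # how often the engine reached this rule
    matches: int = 0              # how often it was the deciding rule


# Constructed table contents (RFC 5737 documentation addresses).
TABLES: Dict[str, List[str]] = {
    "spamd-white-local": ["192.0.2.0/24"],   # hosts that must bypass spamd
    "spamd-white": ["198.51.100.7"],         # hosts spamd has whitelisted
}
SPAMD = "127.0.0.1:8025"                     # rdr target from the thread


def in_table(tables: Dict[str, List[str]], name: str, addr: str) -> bool:
    """Table lookup: True if addr falls inside any host or network entry."""
    ip = ipaddress.ip_address(addr)
    return any(ip in ipaddress.ip_network(entry) for entry in tables[name])


def evaluate(rules: List[Rule], tables, src: str, dport: int) -> Optional[Rule]:
    """Walk the rules in order; return the first one that matches, or None.

    A rule that is never reached (because an earlier rule already matched)
    keeps evaluations == 0, like the trailing 'no rdr' in the thread.
    """
    for rule in rules:
        rule.evaluations += 1
        if dport != rule.dport:
            continue
        if rule.src_table is not None and not in_table(tables, rule.src_table, src):
            continue
        rule.matches += 1
        return rule
    return None


def decision(rule: Optional[Rule]) -> str:
    """Where the connection ends up: the mail host directly, or the rdr target."""
    if rule is None or rule.action == "no rdr":
        return "direct"
    return rule.target


def ruleset(order: str) -> List[Rule]:
    """Fresh Rule objects in the two orders the poster tried."""
    white_local = Rule("no rdr", "spamd-white-local", 25)
    white = Rule("no rdr", "spamd-white", 25)
    rdr = Rule("rdr", None, 25, SPAMD)
    return {"original": [white_local, white, rdr],
            "swapped": [white, rdr, white_local]}[order]


def run(order: str, clients: List[str]):
    """Evaluate one SMTP connection per client; return outcomes and per-rule evaluation counts."""
    rules = ruleset(order)
    outcome = {src: decision(evaluate(rules, TABLES, src, 25)) for src in clients}
    return outcome, [r.evaluations for r in rules]


if __name__ == "__main__":
    clients = ["192.0.2.10", "198.51.100.7", "203.0.113.9"]  # constructed
    for order in ("original", "swapped"):
        outcome, evals = run(order, clients)
        print(order, outcome, "evaluations per rule:", evals)
```

With the original order the local whitelist host is handled by the first `no rdr` and never reaches the rdr; with the swapped order the `rdr ... from any` catches it and the trailing `no rdr` is reached zero times, matching the Evaluations: 0 the poster saw.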