On Thu, 2006-09-07 at 10:46 -0400, Asenchi wrote:
> On 9/7/06, Chris Cameron <[EMAIL PROTECTED]> wrote:
> > Have two 3.8 firewalls in a CARP setup, and through this firewall I'm
> > unable to get to ticketmaster.ca or .com. They both have different IPs.
>
> But make sure you have read and understand the FAQ [1] and the man
> pages for pf.conf [2], carp [3], pfsync [4] before responding.
>
> hth,
> Asenchi.
>
> [1] http://www.openbsd.org/faq/pf/index.html
> [2] http://urlx.org/openbsd.org/4a4bc
> [3] http://urlx.org/openbsd.org/5ca9f
> [4] http://urlx.org/openbsd.org/558dd

I didn't see any "Can't access Ticketmaster.ca" entries; but I think I have the rest covered.

No other sites have this problem. The firewall sits in front of an office of 15 or so, so I believe I would have heard something.

Logging is turned on for my default block rule, which isn't returning anything for the ticketmaster IPs. The connection is just refused though. Nothing gets "lost", or dropped. The server gets the request, replies, and the client sees it. I don't see how this could be a problem of my ruleset; if something was being blocked, no packets would have been received by the client.

Again, does anyone have any ideas? Can other people access ticketmaster through their CARP'd NAT firewall?

Chris