Insan Praja SW wrote: > On Tue, 26 Feb 2008 09:31:29 +0700, Ted Unangst <[EMAIL PROTECTED]> > wrote: > >> On 2/25/08, Insan Praja SW <[EMAIL PROTECTED]> wrote: >>> Hi Misc@, >>> While testing my brandnew 4.3-beta AMD64.MP webserver, I apply a >>> simple >>> pf.conf to let some connection in and all out. But something >>> interesting >>> came out, pf actually blocks my webserver googlebot apps originated >>> from >>> the server, which is strange since I use "pass out all". So, I'm >>> wondering >>> if anybody on Misc@ could help me out with this. >>> I appreciate any replies related to this. >>> Thanks, >> >>> block drop in quick inet from 127.0.0.1 to any >> >> hmmm > > Well, > It must bad since the "hmmm" word came out.. :D > But really, even after I removed the "antispoof" dan the "scrub", nothin > changes.. and, finally change "block log all" to "block in log all" it > solve the problem.. > I wonder why... because the last rule is to "pass out all". Isn't pf > plays > last matching rule? No later rule will override the above rule, because it includes the 'quick' keyword.
SD
