Hi all,
I've been running pf+obspamd on FBSD 6.2-RELEASE.
I appear to be blocking some addresses that appear in my spamd-mywhite file
and I don't understand why that would be the case here. I'm guessing I've
screwed up my pf.conf file.
Here's my config file:
# pfctl -vvnf /etc/pf.conf
ext_if =
> Hi all,
>
> I've been running pf+obspamd on FBSD 6.2-RELEASE.
>
> I appear to be blocking some addresses that appear in my
> spamd-mywhite file
> and I don't understand why that would be the case here. I'm
> guessing I've
> screwed up my pf.conf file.
>
> Here's my config file:
>
> # pfctl
> > Hi all,
> >
> > I've been running pf+obspamd on FBSD 6.2-RELEASE.
> >
> > I appear to be blocking some addresses that appear in my
> > spamd-mywhite file
> > and I don't understand why that would be the case here. I'm
> > guessing I've
> > screwed up my pf.conf file.
> >
...
>
> Hi,
>
>
> On Thu, 6 Sep 2007, Doug Sampson wrote:
>
> > What am I doing wrong? Are CIDR records accepted by
> pf+obspamd? I can't
> > trace the block back to the proper rules- i.e. rule 3/0 as
> shown in pflog0
> > matches up with which rule in pf.conf?
>
> Ma
> # -- silly dont't do this !
> # -- !! This file is no table, it is even not for usage in pf
> ruleset !!
> # remove this! table persist \
> # remove this! file "/usr/local/etc/spamd/spamd.alloweddomains"
Removed.
> OK, back to the ruleset.
>
> # -- Let all smtp traffic from the table pass
<..snip..>
> 200.46.204.71.53512 > 127.0.0.1.25: S
> 2390205679:2390205679(0) win 65535
> > 038980 rule 3/0(match): block in on rl0:
> 200.46.204.71.65136 > 127.0.0.1.25: S 1802046267:1802046267(0) w
> >
> > Which of the rules above does rule 3/0(match) refer to?
>
> It's easier to count the
I want to back up a client running packet filter. I am using Bacula to
backup this client to a Bacula server in the internal network. The Bacula
client has two interfaces- one external and one internal. The client's
internal IF is 192.168.1.25. The Bacula server is at 192.168.1.17.
When I attempt
> On Friday 21 March 2008 21:59:46 Doug Sampson wrote:
> > I want to back up a client running packet filter. I am
> using Bacula to
> > backup this client to a Bacula server in the internal network. The
> > Bacula client has two interfaces- one external and one internal. T
> > Is there another way of writing rules that will enable the
> Bacula client to
> > pass packets to the correct port number?
> >
> Yes, make the 1st rule
>
> block log all
>
> to drop both ingress and egress traffic by default.
>
> Secondly get rid of the stateless rules. Use keep stat
> This isn't a reply to you (Doug), but -- do not blindly use
> "keep state"
> everywhere!
>
> There's been too many cases I've experienced where using "keep state"
> blindly results in state-mismatch increasing at a very fast
> rate. When
> I implemented this mentality on our production server
I got bitten by PF when upgrading from 8.2 to 9.0. It refused to allow
any incoming mail. I'm using spamd in conjunction with pf. I use a
combination of natting along with redirections in conjunction with the
normal pass/block rules.
I cannot for the life of me find a list of significant change
> I got bitten by PF when upgrading from 8.2 to 9.0. It refused to allow
> any incoming mail. I'm using spamd in conjunction with pf. I use a
> combination of natting along with redirections in conjunction with the
> normal pass/block rules.
>
> I cannot for the life of me find a list of significa
> On 2/15/12 2:22 AM, Doug Sampson wrote:
> > I got bitten by PF when upgrading from 8.2 to 9.0. It refused to allow
> > any incoming mail. I'm using spamd in conjunction with pf. I use a
> > combination of natting along with redirections in conjunction with the
&
> > I'm now getting back to this issue after being diverted to other
> projects. Spam has been noticed by our staff and they're not happy. :)
> >
> > Here's what the tcp dump show:
> >
> > mailfilter-root@~# tcpdump -nei pflog0 port 8025
> > tcpdump: WARNING: pflog0: no IPv4 address assigned
> > tc
[EMAIL PROTECTED] netstat -i
NameMtu Network Address Ipkts IerrsOpkts Oerrs
Coll
xl01500 00:10:5a:85:91:ad 950032 0 61783710
45299
xl01500 192.168.xxx 192.168.xxx.xxx 680757 - 609403 -
-
rl01500 00:40:f4:5d:6a:d5 21251
15 matches
Mail list logo
