|
|||
pf Dropped Packets
I have a new firewall that is almost exactly the one show here
https://www.openbsd.org/faq/pf/example1.html I don't think it should matter but I have a couple of VLAN on em1 so my internal interfaces look like: int_if="{ em1 vlan101 vlan102 vlan103 }" As far as I can tell, everything is working. I can see dropped packets coming in from the internet and get out to everything so far. My LAN is on vlan102 and I'm getting some dropped packets coming from the LAN to the internet on the HTTPS port for services like dropbox. Dropbox seems to be working so I don't think it's a problem but I don't understand why these packets are being dropped when others are not. Here is an example: rule 4/(match) block in on vlan102: 10.x.x.x.54738 > 52.207.41.48.443: F 0:0(0) ack 1 win 254 (DF) The rule pass in on $int_if inet allows most everything in on the LAN but not these. Thanks in advance for any thoughts. |
Thread Tools | |
Display Modes | |
|
|
Similar Threads | ||||
Thread | Thread Starter | Forum | Replies | Last Post |
pf : how to ignore TCP RST packets ? | jcdenton | OpenBSD Security | 0 | 3rd August 2010 04:17 PM |
Dropped to grub terminal, stumped. | Jack | OpenBSD Installation and Upgrading | 3 | 12th December 2008 03:09 PM |
Redirecting ESP packets | ales | OpenBSD Security | 2 | 15th June 2008 09:13 PM |
IPF: Packets Out Of Window | bram85 | FreeBSD Security | 9 | 2nd June 2008 04:09 PM |