|
18th June 2008
|
|||
|
|||
Problem using pkg with pf enabled
Problem using pkg with pf enabled on FreeBSD 7.0
I have problem with pf enabled. The first time i have used the same configuration that i adopted on openbsd 4.3. Subsequently I have reduced the firewall using the example in freebsd 7.0. When the pf is enabled i can use browser, i can access on my web-mail but i can install or upgrade package with the usual command pkg_add. I don't understand the problem.  pf.conf Code:
ext_if="le0" set skip on lo scrub in block in pass out antispoof quick for lo Code:
FILTER RULES: scrub in all fragment reassemble block drop in all pass out all flags S/SA keep state block drop in quick on ! lo inet6 from ::1 to any block drop in quick on ! lo inet from 127.0.0.0/8 to any block drop in quick on lo0 inet6 from fe80::1 to any block drop in quick inet6 from ::1 to any block drop in quick inet from 127.0.0.1 to any INFO: Status: Enabled for 0 days 00:24:20 Debug: Urgent State Table Total Rate current entries 0 searches 2511 1.7/s inserts 115 0.1/s removals 115 0.1/s Counters match 261 0.2/s bad-offset 0 0.0/s fragment 0 0.0/s short 0 0.0/s normalize 0 0.0/s memory 0 0.0/s bad-timestamp 0 0.0/s congestion 0 0.0/s ip-option 0 0.0/s proto-cksum 0 0.0/s state-mismatch 0 0.0/s state-insert 0 0.0/s state-limit 0 0.0/s src-limit 0 0.0/s synproxy 0 0.0/s TIMEOUTS: tcp.first 120s tcp.opening 30s tcp.established 86400s tcp.closing 900s tcp.finwait 45s tcp.closed 90s tcp.tsdiff 30s udp.first 60s udp.single 30s udp.multiple 60s icmp.first 20s icmp.error 10s other.first 60s other.single 30s other.multiple 60s frag 30s interval 10s adaptive.start 6000 states adaptive.end 12000 states src.track 0s LIMITS: states hard limit 10000 src-nodes hard limit 10000 frags hard limit 5000 tables hard limit 1000 table-entries hard limit 200000 OS FINGERPRINTS: 696 fingerprints loaded 
|
|
19th June 2008
|
|||
|
|||
|
odd.. I use my exact same pf config from my openbsd machines on my freebsd machines. Only thing that changes is the interface. never had those issues.
|
|
25th July 2008
|
|||
|
|||
|
I had a similar issue with pkg_add and pf, after a long time I figured out that I had to tell FreeBSD to use FTP passive mode trough adding:
Defaults env_keep += "FTP_PASSIVE_MODE" in my sudo file (visudo).
|
 |
| Thread Tools | |
| Display Modes | |
|
|
Similar Threads
|
||||
| Thread | Thread Starter | Forum | Replies | Last Post |
| Boot problem. Geometry problem? | gulanito | FreeBSD Installation and Upgrading | 0 | 3rd July 2009 03:03 AM |
| Marvell Yukon driver cannot load with ACPI enabled | GullibleJones | FreeBSD General | 2 | 15th September 2008 02:58 PM |
| Trouble with ftp with pf enabled | kasse | FreeBSD General | 8 | 24th August 2008 11:25 PM |
Linear Mode
