 From:  ryanp at hhsys dot org
 To:  m0n0wall at lists dot m0n0 dot ch
 Subject:  rule allowed but being blocked
 Date:  Mon, 12 Dec 2005 16:02:47 -0600 (CST)
These are allowed via

TCP 10.246.9.0/24:* to 10.249.0.1:1500

but it's still being blocked, I even said allow fragmented packets. Still
being blocked. Block private network is unchecked, what's going on?


Dec 12 15:51:19 ms-other-fw ipmon[88]: 15:51:18.660381 em0 @0:11 b 10.246.9.10,1177 -> 10.249.0.1,1500 PR tcp len 20 1344 -AP IN
Dec 12 15:51:47 ms-other-fw ipmon[88]: 15:51:47.234993 em0 @0:11 b 10.246.9.10,1177 -> 10.249.0.1,1500 PR tcp len 20 1188 -AP IN
Dec 12 15:53:47 ms-other-fw ipmon[88]: 15:53:47.208950 em0 @0:11 b 10.246.9.10,1177 -> 10.249.0.1,1500 PR tcp len 20 536 -AP IN
Dec 12 15:55:56 ms-other-fw ipmon[88]: 15:55:56.168614 em0 @0:11 b 10.246.9.10,1177 -> 10.249.0.1,1500 PR tcp len 20 1344 -AP IN
Dec 12 15:56:08 ms-other-fw ipmon[88]: 15:56:07.903430 em0 @0:11 b 10.246.9.10,1177 -> 10.249.0.1,1500 PR tcp len 20 380 -AP IN
Dec 12 15:56:23 ms-other-fw ipmon[88]: 15:56:23.182397 em0 @0:11 b 10.246.9.10,1177 -> 10.249.0.1,1500 PR tcp len 20 1344 -AP IN
Dec 12 15:57:20 ms-other-fw ipmon[88]: 15:57:20.178005 em0 @0:11 b 10.246.9.10,1177 -> 10.249.0.1,1500 PR tcp len 20 1216 -AP IN
Dec 12 15:58:04 ms-other-fw ipmon[88]: 15:58:04.140679 em0 @0:11 b 10.246.9.10,1177 -> 10.249.0.1,1500 PR tcp len 20 1344 -AP IN

status.php
----------------
ipfstat -nio

@1 pass out quick on lo0 from any to any
@2 pass out quick on em0 proto udp from 10.246.9.254/32 port = 67 to any port = 68
@3 pass out quick on em1 proto udp from any port = 68 to any port = 67
@4 pass out quick on em0 from any to any keep state
@5 pass out quick on em1 from any to any keep state
@6 block out log quick from any to any
@1 pass in quick on lo0 from any to any
@2 block in log quick from any to any with short
@3 block in log quick from any to any with ipopt
@4 pass in quick on em0 proto udp from any port = 68 to 255.255.255.255/32 port = 67
@5 pass in quick on em0 proto udp from any port = 68 to 10.246.9.254/32 port = 67
@6 block in log quick on em1 from 10.246.9.0/24 to any
@7 block in log quick on em1 proto udp from any port = 67 to 10.246.9.0/24 port = 68
@8 pass in quick on em1 proto udp from any port = 67 to any port = 68
@9 block in log quick on em0 from !10.246.9.0/24 to any
@10 skip 1 in proto tcp from any to any flags S/FSRA
@11 block in log qu
