|
||||||||||
On Tue, 5 Oct 2004 12:07:56 -0700, Jeffrey Goldberg <jeffrey at goldmark dot org> wrote: > This question might reflect my misunderstanding of how NAT works. > (Well, considering that I think it works by magic, I suppose that that > is inevitable that I misunderstand.) > > I am getting some outgoing packets occasionally blocked that should be > allow through. Here is an example log entry (line broken for > readability) > > ipmon[75]: 11:07:08.443851 sis0 @0:15 b > 192.168.1.51,63864 -> 66.111.4.160,993 PR tcp len 20 101 -AFP IN > What is group 0 rule 15 in /status.php (the first rule 15 it shows under ipfstat -nio)? > Any insight into this would be welcome. Also I'd like to get > recommendations for good books on packet filtering firewalls including > NAT. > Not a book, but something to start with at least. Has a good explanation of deciphering IPF's logs. http://freebsd.peon.net/tutorials/21/ |