Hi group!

I have a really annoying problem with IRC and ICQ. I can chat with IRC well, but I can't receive any files sent by DCC -> Connection failed (mIRC, WinXP). I set up ports 4000-4005 in Connect/options/Advanced in the IRC options and passed them through pf. I don't know what's wrong with these rules!

My problem with ICQ is as follows: I can connect and I see online contacts, but just for about 1 minute!! Then I am disconnected.

Well, best at the end: I can't even post on newsgroups, but NNTP is enabled. (This post is done in another way.)

My pf.conf:

----------------------------------------------------------------------
# Definitions
ext = "ppp0" # External interface
int = "rl0" # Internal interface
Loop = "lo0" # Loopback interface
IntNet= "{ 192.168.5.10, 192.168.5.20, 192.168.5.30, 192.168.5.100 }"
NoRoute = "{ 127.0.0.1/8 192.168.0.0/16 172.16.0.0/12 10.0.0.0/8 255.255.255.255/32 }"
InServicesTCP = "{ ssh auth }"
OutServicesTCP = "{ http https smtp pop3 whois domain ssh telnet ftp ftp-data nntp auth ntp }"
OutServicesUDP = "{ ntp domain }"
ASE = "{ 27243:27245 }"
csTCP = "{ 27030:27039 }"
csUDP = "{ 27000:27040, 1200 }"
ICQ = "{ 5190 6969 }"
IRC = "{ 6660:6669 59 4000:4005 }"
nfsUDP = "{ 3658 3659 }"
nfsTCP = "{ 10900:10999 }"

set block-policy drop
set loginterface ppp0

# Clean up fragmented and abnormal packets
# By default in pf, packets which contain IP options are blocked. Good.
scrub in on { $ext $int } all

# NAT Rules
nat on $ext from $int:network to any -> ($ext)

# block and log everything
block out log on $ext all
block in log on $ext all
block return-rst out log on $ext proto tcp all
block return-rst in log on $ext proto tcp all
block return-icmp out log on $ext proto udp all
block return-icmp in log on $ext proto udp all
block in quick inet6 all
block out quick inet6 all

# loopback packets left unmolested
pass in quick on $Loop all
pass out quick on $Loop all

# Immediate blocks
# fuzz any 'nmap' attempt
block in log quick on $ext inet proto tcp from any to any flags FUP/FUP
block in log quick on $ext inet proto tcp from any to any flags SF/SFRA
block in log quick on $ext inet proto tcp from any to any flags /SFRA

# don't allow anyone to spoof non-routeable addresses
block in log quick on $ext from $NoRoute to any
block out log quick on $ext from any to $NoRoute

# silently drop broadcasts (cable modem noise)
block in quick on $ext from any to 255.255.255.255

# PASS rules
# ALL -- we don't normally do that. For debugging only.
#pass out quick on $ext all keep state

# ICMP
pass out quick on $ext inet proto icmp all icmp-type 8 code 0 keep state
pass in log quick on $ext inet proto icmp all icmp-type 8 code 0 keep state

# Services we provide to the outside world
#pass in quick on $ext inet proto udp from any to any port $InServicesUDP keep state
pass in quick on $ext inet proto tcp from any to any port $InServicesTCP flags S/SA keep state

# Standard services we want to access in the world
pass out quick on $ext inet proto udp from any to any port $OutServicesUDP keep state
pass out quick on $ext inet proto tcp from any to any port $OutServicesTCP flags S/SA modulate state
pass out quick on $ext inet proto { tcp udp } from any to any port $ASE
pass out quick on $ext inet proto tcp from any to any port $csTCP
pass out quick on $ext inet proto udp from any to any port $csUDP
pass out quick on $ext inet proto tcp from any to any port $ICQ
pass out quick on $ext inet proto tcp from any to any port $IRC
pass out quick on $ext inet proto udp from any to any port $nfsUDP
pass out quick on $ext inet proto tcp from any to any port $nfsTCP
----------------------------------------------------------------------

If you need further information, just ask! I am really in despair and I appreciate any help.

Regards.

--
David Mayer
GnuPG public key: http://members.aon.at/curbaxx/pubkey.asc
Fingerprint: FCC8 7225 6DE7 AO54 161B DB77 E25B FC38 1CEF A35B
(c u r b) (AT) (a o n) (DOT) (a t)