On Wed, Aug 20, 2003 at 01:57:37PM +0400, Alexei G. Malinin wrote:

> I scanned from separate host.

Then make sure the nmap probes actually get sent by that host (if that host is also running a packet filter, that's not a safe assumption), tcpdump on its external interface.

Then tcpdump on the pf box's external interface, do you see the probes arrive? If so, do you see any replies sent by the pf box?

If not (and only in this case) you can start to debug the ruleset. Add 'log' to all block and scrub rules. Scrubbing comes first, if the scrubber drops an incoming probe (due to invalid xmas flags), it will just drop the packet, and your 'block return-icmp' rule is irrelevant. Make sure pflogd is running and check /var/log/pflog.

Daniel
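
The logging step described in the message above, as an added pf.conf example that is not part of the original thread. The poster's ruleset is not shown on this page, so the two rules and the external interface name `fxp0` are assumptions, and `<scanner-ip>` is a placeholder.

```conf
# Constructed pf.conf fragment (not the poster's ruleset).
# fxp0 is an assumed external interface name.
ext_if = "fxp0"

# Before: nothing is logged, so a probe dropped by either rule leaves no trace.
#   scrub in on $ext_if all
#   block return-icmp in on $ext_if all

# After: 'log' added to the scrub rule and to every block rule.
# Normalization runs before filtering, so a packet the scrubber discards
# never reaches the block rule below and gets no ICMP reply.
scrub in log on $ext_if all
block return-icmp in log on $ext_if all

# Reload and inspect (run as root on the pf box):
#   pfctl -f /etc/pf.conf                  # load the edited ruleset
#   ps ax | grep '[p]flogd'                # confirm pflogd is running
#   tcpdump -n -e -ttt -r /var/log/pflog   # read logged packets; -e prints rule number and action
#   tcpdump -n -i fxp0 host <scanner-ip>   # confirm probes arrive and whether any reply leaves
```

In the pflog output, an entry whose action is the scrub rule rather than the block rule means the probe was dropped during normalization, which is the case where no return-icmp is sent.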