Subject: Re: ipf blocking traffic
To: Martti Kuparinen <martti.kuparinen@iki.fi>
From: Roberto <roberto.trovo@redix.it>
List: current-users
Date: 02/03/2005 17:09:07
> Hi!
>
> I'm having problems with ipf on NetBSD 2.0.1 (with ip_state rev 1.3
> applied to disable broken oow checks). These kind of entries show
> up in syslog:
>
>
> Feb  3 16:56:51 xxx ipmon[349]: 16:56:51.069126 wm0 @0:5 b
> xxx[xxx.xxx.xxx.xxx],62968 -> xxx[xxx.xxx.xxx.xxx],imap PR tcp len 20 67
> -AP OUT
> Feb  3 16:56:51 xxx ipmon[349]: 16:56:51.069138 wm0 @0:5 b
> xxx[xxx.xxx.xxx.xxx],62968 -> xxx[xxx.xxx.xxx.xxx],imap PR tcp len 20 52
> -AF OUT
> Feb  3 16:56:52 xxx ipmon[349]: 16:56:52.060007 wm0 @0:5 b
> xxx[xxx.xxx.xxx.xxx],62968 -> xxx[xxx.xxx.xxx.xxx],imap PR tcp len 20 67
> -AFP OUT
>
>
> Here's my ruleset for outgoing packets:
>
> pass out quick on lo0 from any to any
> pass out quick proto tcp from any to any flags S keep state keep frags
> pass out quick proto udp from any to any keep state keep frags
> pass out quick proto icmp from any to any icmp-type echo keep state
> block out log quick all
>
>
> Any ideas why these packets were blocked?
>
> Martti
>

I'd like to know if:

1) is your firewall working and you see sometimes this messages;

or

2) is your firewall not working at all?

For example to generate the logs do you have simulate a IMAP connection
and it doesn not work at all ?


Kind regards
Roberto

e-mail roberto.trovo [at] redix.it