Could be that the remote IP is already listed in the active ipf table?
Try entering the following to refresh your ipfilter table from ipf.conf:

	# /sbin/ipf -Fa -f /etc/ipf.conf

--
  /\---/\  Eric J Fox
 /  o o  \ http://fox.phoenix.az.us
 \.\   /./ ---------------------------
    \@/    "Of course it runs NetBSD."



On Mon, 17 Jun 2002, Jeremy C. Reed wrote:

> On Tue, 18 Jun 2002, Homer Sipes wrote:
>
> > Hi does anyone use portsentry? mine works just fine and i tested it out
>
> Yes.
>
> > from a friends box. i scanned my box and like it's supposed to, it
> > blocks his host. however, i removed the porstsentry.blocked.tcp file and
> > tried to ssh in my box from his and i get:
> > ssh_exchange_identification: Connection closed by remote host
>
> I am guessing that the portsentry is configured to listen for port 22. (So
> your ssh client doesn't receive any ssh server's identification.)
>
>    Jeremy C. Reed
>    http://www.reedmedia.net/
>
>