[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Strange problem with new ISP

To: "Misc. OpenBSD" <misc@openbsd.org>
Subject: Strange problem with new ISP
From: "Ralph Utbult" <ralph.utbult@gbg.abf.se>
Date: Sat, 1 Feb 2003 17:18:56 +0100

I've had my firewall for over four years now. It's been upgraded from 2.? to
2.8, but not since. It hasn't caused me any trouble, until we changed ISP.
Suddenly, a lot of mail bounces (I run sendmail, cucipop, squid) and it
won't let me use attachments in hotmail. We have done a lot of work, trying
to find the source. As a last, I took another machine and installed a fresh
OpenBSD 3.2 on it. No sendmail configuration, no cucipop, no squid. The only
thing I've done with it is setting up PF - a small amount of rules, just to
keep me happy ;) This damn thing does the exact same as the old one,
refusing me to attach files in hotmail (and other web-based mail services)!
So, what is the problem? I give you my PF.conf in the hope that you find
something missing there.

Regards,
Ralph Utbult

# scrub in all

enic=”xl0”	external NIC
inic=”de0”	internal NIC

nat on $enic from 192.168.1.0/24 to any ->62.127.120.98

block in log all
pass out on $enic all
pass in quick on $inic all
pass out quick on $inic all
pass in quick on lo0 all

block in log quick on $enic from {0.0.0.0/32, 10.0.0.0/8, 127.0.0.0/8, \
172.16.0.0/12, 192.168.0.0/16, 255.255.255.25/32} to any

pass in quick on $enic inet proto icmp all icmp-type 0
pass in quick on $enic inet proto icmp all icmp-type 3
pass in quick on $enic inet proto icmp all icmp-type 11

pass in quick on $enic inet proto tcp from any to any port 22 flags S/SA
keep state

pass  out on $enic proto tcp all keep state

Follow-Ups:
- Re: Strange problem with new ISP
  - From: "S9" <km@themcminns.com>

Prev by Date: Re: apache rotatelogs boot problems
Next by Date: Re: apache rotatelogs boot problems
Prev by thread: Re: NFS problem
Next by thread: Re: Strange problem with new ISP
Index(es):
- Date
- Thread