pf and 255.255.255.255 (was macppc 3.2 pf)

[Jon Quiros <jq_obsd_misc_(_at_)_teahead_(_dot_)_net>]

funny thing, though. os x machines outside the firewall get the listing.
  pre os-x ones don't.

what they send-  the pre os x machine sends this...

==========
# tcpdump -i dc1 host 1.2.3.4
tcpdump: WARNING: dc1: no IPv4 address assigned
tcpdump: listening on dc1
11:52:02.484020 1.2.3.4.32795 > 255.255.255.255.5003:  udp 15 (DF)
11:52:03.479997 1.2.3.4.32795 > 255.255.255.255.5003:  udp 15 (DF)
==========

the OS X machines send this:

==========
# tcpdump -i dc1 host 1.2.3.10
tcpdump: WARNING: dc1: no IPv4 address assigned
tcpdump: listening on dc1
13:35:01.820126 1.2.3.10.49153 > 1.2.3.255.5003:  udp 15
13:35:05.807978 1.2.3.10.49153 > 1.2.3.255.5003:  udp 15
==========

what does (DF) mean...?

it looks like things sent to "255.255.255.255" do NOT make it through, 
while things broadcast to the local subnet DO.

how do i allow 255.255.255.255 udp port 5003 from my own subnet through?


thanks!


Jon Quiros wrote:
> OpenBSD exos.ncemch.org 3.2 EXOS#0 macppc
> I'm using obsd 3.2/macppc with patches 1-14 on a B&W G3.
>
> i've set it up as a bridged firewall for a few machines and everything 
> is as expected except i can't get a listing of filemaker databases when 
> clients outside of the firewall try to "find" FileMaker Databases.  They 
> can connect by specifying the server's ip address though.
>
> filemaker uses tcp port 5003 for connections and broadcasts on udp port 
> 5003 for "discovery" of databases on the local network.
>
> To me it looks like the tcp is fine but udp nothing.
>
> This is what the clients spit out to get the listing, but to me it looks 
> like it's not getting throught pf:
>
> "tcpdump -i dc1 host 1.2.3.4" when making filemaker on 1.2.3.4 find 
> local db's:
>
> 17:44:43.461282 1.2.3.4.49156 > 255.255.255.255.5003:  udp 15
> 17:44:47.451883 1.2.3.4.49156 > 255.255.255.255.5003:  udp 15
> 17:44:51.709865 1.2.3.4.49157 > 255.255.255.255.5003:  udp 15
> 17:44:55.700408 1.2.3.4.49157 > 255.255.255.255.5003:  udp 15
>
>
> I have every "block" statement in pf.conf to be logging of these packets
> This is the section of pf.conf that pertains to DB server access:
>
> #Enable Database Server access
> pass in on $int_if proto { tcp, udp } from $Center to $Db port 5003 keep 
> state
> pass in on $int_if proto udp from $Center to any keep state
>
> I've tried with and without "scrub in all" but still nothing.
> All other aspects of pf work as expected (can allow/disallow specifics)
>
>
> what am i missing?
>
> TIA!
> Jon Q
>
>
>
>
> dmesg follows:
>
>
> # dmesg
> l table ]
> console out [ATY,Rage128y]console in [keyboard] USB and ADB found, using USB
> : memaddr 84000000 size 4000000, : consaddr 84000000, : ioaddr 80a20000, 
> size 20000: memtag 8000, iotag 8000: width 832 linebytes 832 height 624 
> depth 8
> Copyright (c) 1982, 1986, 1989, 1991, 1993
>         The Regents of the University of California.  All rights reserved.
> Copyright (c) 1995-2002 OpenBSD. All rights reserved. http://www.OpenBSD.org
>
> OpenBSD 3.2 (EXOS) #0: Tue Apr  1 11:45:44 EST 2003
>     root_(_at_)_exos_(_dot_)_ncemch_(_dot_)_org:/usr/src/sys/arch/macppc/compile/EXOS
> real mem = 301989888 (294912K)
> avail mem = 268427264 (262136K)
> using 1254 buffers containing 15097856 bytes of memory
> mainbus0 (root)
> cpu0 at mainbus0: 750 (Revision 202): 400 MHz: 1MB backside cache
> mpcpcibr0 at mainbus0: grackle, Revision 0x40
> pci0 at mpcpcibr0 bus 0
> pchb0 at pci0 dev 0 function 0 "Motorola MPC106 Host-PCI" rev 0x40
> ppb0 at pci0 dev 13 function 0 "DEC 21154 PCI-PCI" rev 0x02
> pci1 at ppb0 bus 1
> vendor "Texas Instruments", unknown product 0x8000 (class serial bus, 
> subclass Firewire, rev 0x02) at pci1 dev 0 function 0 not configured
> pciide0 at pci1 dev 1 function 0 "CMD Technology PCI0646" rev 0x07: DMA, 
> channel 0 configured to native-PCI, channel 1 configured to native-PCI
> pciide0: using irq 26 for native-PCI interrupt
> wd0 at pciide0 channel 0 drive 0: <Maxtor 91303D6>
> wd0: 16-sector PIO, LBA, 12427MB, 16383 cyl, 16 head, 63 sec, 25450992 
> sectors
> wd0(pciide0:0:0): using PIO mode 4, Ultra-DMA mode 2
> pciide0: channel 1 ignored (disabled)
> dc0 at pci1 dev 2 function 0 "Lite-On PNIC-II" rev 0x25: irq 23 address 
> 00:00:f0:01:12:8a
> dcphy0 at dc0 phy 31: internal PHY
> dc1 at pci1 dev 4 function 0 "Lite-On PNIC-II" rev 0x25: irq 25 address 
> 00:00:f0:01:12:8a
> dcphy1 at dc1 phy 31: internal PHY
> macobio0 at pci1 dev 5 function 0 "Apple Paddington" rev 0x00
> macintr0 at macobio0
>         pciide0 irq 26 level 0 fun 2eab04 arg e03c2000
>         dc0 irq 23 level 1 fun 11b958 arg e03c9000
>         dc1 irq 25 level 1 fun 11b958 arg e044c000
> zsc0 at macobio0: irq 15,16
> zstty0 at zsc0 channel 0
> zstty1 at zsc0 channel 1
> awacs: matched davbus nreg 24 nintr 12
> awacs0 at macobio0: irq 17,8,9 headphones
> audio0 at awacs0
> adb0 at macobio0 irq 18: via-cuda 0 targets
> aed0 at adb0 addr 0: ADB Event device
> wdc0 at macobio0 irq 13: DMA transfer
> atapiscsi0 at wdc0 channel 0 drive 0
> scsibus0 at atapiscsi0: 2 targets
> cd0 at scsibus0 targ 0 lun 0: <MATSHITA, CD-ROM CR-589, GA0W> SCSI0 
> 5/cdrom removable
> atapiscsi1 at wdc0 channel 0 drive 1
> scsibus1 at atapiscsi1: 2 targets
> sd0 at scsibus1 targ 0 lun 0: <IOMEGA, ZIP 100, 12.A> SCSI0 0/direct 
> removable
> sd0: drive offline
> cd0(wdc0:0:0): using BIOS timings, DMA mode 2
> sd0(wdc0:0:1): using BIOS timings
> bm0 at macobio0 irq 42,33: address 00:50:e4:56:ae:0b
> lxtphy0 at bm0 phy 0: LXT970 10/100 media interface, rev. 3
> ohci0 at pci1 dev 6 function 0 "Opti RM861HA" rev 0x10: irq 28, OHCI 
> version 1.0, legacy support
> usb0 at ohci0: USB revision 1.0
> uhub0 at usb0
> uhub0: vendor 0x0000 OHCI root hub, class 9/0, rev 1.00/1.00, addr 1
> uhub0: 2 ports with 2 removable, self powered
> uhidev0 at uhub0 port 1 configuration 1 interface 0
> uhidev0: ATEN CS124U V1.00, rev 1.10/1.00, addr 2, iclass 3/1
> ukbd0 at uhidev0: 8 modifier keys, 6 key codes
> wskbd0 at ukbd0 (mux 1 ignored for console): console keyboard
> uhidev1 at uhub0 port 1 configuration 1 interface 1
> uhidev1: ATEN CS124U V1.00, rev 1.10/1.00, addr 2, iclass 3/1
> ums0 at uhidev1: 5 buttons and Z dir.
> wsmouse0 at ums0 mux 0
> uhub1 at uhub0 port 2
> uhub1: Alps Electric Hub in Apple USB Keyboard, class 9/0, rev 
> 1.10/2.10, addr 3
> uhub1: 3 ports with 2 removable, bus powered
> uhidev2 at uhub1 port 1 configuration 1 interface 0
> uhidev2: Alps Electric Apple USB Keyboard, rev 1.10/1.02, addr 4, iclass 3/1
> ukbd1 at uhidev2: 8 modifier keys, 6 key codes
> wskbd1 at ukbd1 mux 1
> vgafb0 at pci0 dev 16 function 0 "ATI Rage 128 GL" rev 0x00, mmio
> wsdisplay0 at vgafb0: console (std, vt100 emulation), using wskbd0
> bootpath: '/pci/@d/pci-ata_(_at_)_1/ata-4_(_at_)_0/disk_(_at_)_0/bsd'
> boot device: wd0.
> root on wd0a
> rootdev=0x0 rrootdev=0xb00 rawdev=0xb02
> syncing disks... done
> rebooting
>
> [ using 297204 bytes of bsd ELF symbol table ]
> console out [ATY,Rage128y]console in [keyboard] USB and ADB found, using USB
> : memaddr 84000000 size 4000000, : consaddr 84000000, : ioaddr 80a20000, 
> size 20000: memtag 8000, iotag 8000: width 832 linebytes 832 height 624 
> depth 8
> Copyright (c) 1982, 1986, 1989, 1991, 1993
>         The Regents of the University of California.  All rights reserved.
> Copyright (c) 1995-2002 OpenBSD. All rights reserved. http://www.OpenBSD.org
>
> OpenBSD 3.2 (EXOS) #0: Tue Apr  1 11:45:44 EST 2003
>     root_(_at_)_exos_(_dot_)_ncemch_(_dot_)_org:/usr/src/sys/arch/macppc/compile/EXOS
> real mem = 301989888 (294912K)
> avail mem = 268427264 (262136K)
> using 1254 buffers containing 15097856 bytes of memory
> mainbus0 (root)
> cpu0 at mainbus0: 750 (Revision 202): 400 MHz: 1MB backside cache
> mpcpcibr0 at mainbus0: grackle, Revision 0x40
> pci0 at mpcpcibr0 bus 0
> pchb0 at pci0 dev 0 function 0 "Motorola MPC106 Host-PCI" rev 0x40
> ppb0 at pci0 dev 13 function 0 "DEC 21154 PCI-PCI" rev 0x02
> pci1 at ppb0 bus 1
> vendor "Texas Instruments", unknown product 0x8000 (class serial bus, 
> subclass Firewire, rev 0x02) at pci1 dev 0 function 0 not configured
> pciide0 at pci1 dev 1 function 0 "CMD Technology PCI0646" rev 0x07: DMA, 
> channel 0 configured to native-PCI, channel 1 configured to native-PCI
> pciide0: using irq 26 for native-PCI interrupt
> wd0 at pciide0 channel 0 drive 0: <Maxtor 91303D6>
> wd0: 16-sector PIO, LBA, 12427MB, 16383 cyl, 16 head, 63 sec, 25450992 
> sectors
> wd0(pciide0:0:0): using PIO mode 4, Ultra-DMA mode 2
> pciide0: channel 1 ignored (disabled)
> dc0 at pci1 dev 2 function 0 "Lite-On PNIC-II" rev 0x25: irq 23 address 
> 00:00:f0:01:12:8a
> dcphy0 at dc0 phy 31: internal PHY
> dc1 at pci1 dev 4 function 0 "Lite-On PNIC-II" rev 0x25: irq 25 address 
> 00:00:f0:01:12:8a
> dcphy1 at dc1 phy 31: internal PHY
> macobio0 at pci1 dev 5 function 0 "Apple Paddington" rev 0x00
> macintr0 at macobio0
>         pciide0 irq 26 level 0 fun 2eab04 arg e03c2000
>         dc0 irq 23 level 1 fun 11b958 arg e03c9000
>         dc1 irq 25 level 1 fun 11b958 arg e044c000
> zsc0 at macobio0: irq 15,16
> zstty0 at zsc0 channel 0
> zstty1 at zsc0 channel 1
> awacs: matched davbus nreg 24 nintr 12
> awacs0 at macobio0: irq 17,8,9 headphones
> audio0 at awacs0
> adb0 at macobio0 irq 18: via-cuda 0 targets
> aed0 at adb0 addr 0: ADB Event device
> wdc0 at macobio0 irq 13: DMA transfer
> atapiscsi0 at wdc0 channel 0 drive 0
> scsibus0 at atapiscsi0: 2 targets
> cd0 at scsibus0 targ 0 lun 0: <MATSHITA, CD-ROM CR-589, GA0W> SCSI0 
> 5/cdrom removable
> atapiscsi1 at wdc0 channel 0 drive 1
> scsibus1 at atapiscsi1: 2 targets
> sd0 at scsibus1 targ 0 lun 0: <IOMEGA, ZIP 100, 12.A> SCSI0 0/direct 
> removable
> sd0: drive offline
> cd0(wdc0:0:0): using BIOS timings, DMA mode 2
> sd0(wdc0:0:1): using BIOS timings
> bm0 at macobio0 irq 42,33: address 00:50:e4:56:ae:0b
> lxtphy0 at bm0 phy 0: LXT970 10/100 media interface, rev. 3
> ohci0 at pci1 dev 6 function 0 "Opti RM861HA" rev 0x10: irq 28, OHCI 
> version 1.0, legacy support
> usb0 at ohci0: USB revision 1.0
> uhub0 at usb0
> uhub0: vendor 0x0000 OHCI root hub, class 9/0, rev 1.00/1.00, addr 1
> uhub0: 2 ports with 2 removable, self powered
> uhidev0 at uhub0 port 1 configuration 1 interface 0
> uhidev0: ATEN CS124U V1.00, rev 1.10/1.00, addr 2, iclass 3/1
> ukbd0 at uhidev0: 8 modifier keys, 6 key codes
> wskbd0 at ukbd0 (mux 1 ignored for console): console keyboard
> uhidev1 at uhub0 port 1 configuration 1 interface 1
> uhidev1: ATEN CS124U V1.00, rev 1.10/1.00, addr 2, iclass 3/1
> ums0 at uhidev1: 5 buttons and Z dir.
> wsmouse0 at ums0 mux 0
> uhub1 at uhub0 port 2
> uhub1: Alps Electric Hub in Apple USB Keyboard, class 9/0, rev 
> 1.10/2.10, addr 3
> uhub1: 3 ports with 2 removable, bus powered
> uhidev2 at uhub1 port 1 configuration 1 interface 0
> uhidev2: Alps Electric Apple USB Keyboard, rev 1.10/1.02, addr 4, iclass 3/1
> ukbd1 at uhidev2: 8 modifier keys, 6 key codes
> wskbd1 at ukbd1 mux 1
> vgafb0 at pci0 dev 16 function 0 "ATI Rage 128 GL" rev 0x00, mmio
> wsdisplay0 at vgafb0: console (std, vt100 emulation), using wskbd0
> bootpath: '/pci/@d/pci-ata_(_at_)_1/ata-4_(_at_)_0/disk_(_at_)_0/bsd'
> boot device: wd0.
> root on wd0a
> rootdev=0x0 rrootdev=0xb00 rawdev=0xb02
> #