[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

strange things with stateful tracking

To: misc_(_at_)_openbsd_(_dot_)_org
Subject: strange things with stateful tracking
From: "Serge K. Snegovik" <serge_(_at_)_betatk_(_dot_)_ru>
Date: Mon, 11 Apr 2005 12:17:16 +0400
Organization: Beta telekom
Reply-to: "Serge K. Snegovik" <serge_(_at_)_betatk_(_dot_)_ru>

Hello, misc.
i see some strange things using stateful tracking in openbsd3.6
with such rule in pf.conf:
pass in on $ext_if proto tcp from any to ($ext_if) port 21\
     flags S/SA keep state
pass in on $ext_if proto tcp from any to ($ext_if) port >49151\
     flags S/SA keep state ( source-track rule, max-src-states 3 )

clients stucks getting list of directory (`w` says
ftp    ft 10.0.0.243       12:07PM     0 PASV),
but when i try to <refresh> few times (3 or more) they get it.
without "( source-track rule, max-src-states 3 )" everything's ok
what could be wrong? or should i try to use current?

-- 
Best wishes,
 Serge                          mailto:serge_(_at_)_betatk_(_dot_)_ru

Prev by Date: Re: Gallery/ImageMagick/NetPBM req'd files in chroot?
Next by Date: Re: SHA-1 cracked
Previous by thread: Auto-Response
Next by thread: SHA-1 cracked
Index(es):
- Date
- Thread

Visit your host, monkey.org