[prev in list] [next in list] [prev in thread] [next in thread] 

List:       ipfilter
Subject:    Keep state use - how?
From:       Rino Mardo <rino () debbie ! penguinpowered ! com>
Date:       2000-06-27 5:15:41
[Download RAW message or body]

Hi.  I have an OpenBSD 2.7 system and would like to know if the way I
understood the HOWTO is correct.  Basically, I have my ipf rules like this:

block in log quick on xl0 proto tcp from any to <ip addy> port = xx
...
...
...

block in log quick on xl0 proto udp from any to <ip addy> port = xx
...
...
...

pass in on xl0 proto udp from any to any port = 53 keep state
pass in quick on xl0 proto tcp from any to any port = smtp flags S/SA keep state


Those two lines I've setup for DNS queries (I'm a DNS caching only) and
send/received emails.  From what I recall the rules works downwards the list
but if I put a "block in all from to any" at the top nothing goes in or
out.  Question:

1.  Since I don't have a "quick" keyword in "block in all from any to any" why
was the rest of the rules not matched?

2.  Can I start my rule with a block all in, and work downwards allowing packets
for mails, DNS and browsing(?) only?


Cheers.

[prev in list] [next in list] [prev in thread] [next in thread]