pf problems

看板DFBSD_bugs作者aoiko.時間21年前 (2004/09/27 02:01)推噓0(0推 0噓 0→)

留言0則, 0人參與討論串1/1

--Boundary-00=_IwuVBZOGVh6OwVr Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Content-Disposition: inline On a kernel with the recent ip_output() change, I'm having trouble with letting incoming traffic pass: > pfctl -s rules No ALTQ support in kernel ALTQ related functions disabled pass all > host -w 30 www.dragonflybsd.org host: Couldn't find server 'www.dragonflybsd.org': temporary failure I've also tried http (using a numerical ip of course). OTOH, ping works just fine. Attached is the output of tcpdump for the duration of the host lookup above (well, obviously xchat was trying to get an IP at the same time...). Running tcpdump -i pflog0 shows nothing. Let me know if there's more info I should provide or if there's anything else I should try. Thanks, Aggelos --Boundary-00=_IwuVBZOGVh6OwVr Content-Type: text/plain; charset="us-ascii"; name="pf.out" Content-Transfer-Encoding: 7bit Content-Disposition: attachment; filename="pf.out" > tcpdump -n -ttt -i rl0 tcpdump: verbose output suppressed, use -v or -vv for full protocol decode listening on rl0, link-type EN10MB (Ethernet), capture size 96 bytes 000000 IP 192.168.1.2.3229 > 147.102.222.220.53: 52303+ A? www.dragonflybsd.org. (38) 021138 IP 147.102.222.220.53 > 192.168.1.2.3229: 52303 2/3/0 CNAME[|domain] 983226 IP 192.168.1.2.2350 > 147.102.222.210.53: 52303+ A? www.dragonflybsd.org. (38) 021621 IP 147.102.222.210.53 > 192.168.1.2.2350: 52303 2/3/1 CNAME[|domain] 14. 848321 IP 192.168.1.2.2326 > 194.159.164.195.6667: P 2471755863:2471756167(304) ack 3554757645 win 58400 200166 IP 194.159.164.195.6667 > 192.168.1.2.2326: . ack 304 win 17520 2. 316943 IP 194.159.164.195.6667 > 192.168.1.2.2326: . 1:1461(1460) ack 304 win 17520 12. 623337 IP 192.168.1.2.3229 > 147.102.222.220.53: 52303+ A? www.dragonflybsd.org. (38) 022155 IP 147.102.222.220.53 > 192.168.1.2.3229: 52303 2/3/0 CNAME[|domain] 987936 IP 192.168.1.2.2350 > 147.102.222.210.53: 52303+ A? www.dragonflybsd.org. (38) 023313 IP 147.102.222.210.53 > 192.168.1.2.2350: 52303 2/3/1 CNAME[|domain] 47. 827072 IP 192.168.1.2.2326 > 194.159.164.195.6667: RP 304:342(38) ack 1 win 58400 10. 054400 IP 192.168.1.2.1291 > 147.102.222.220.53: 28737+ AAAA? efnet.demon.co.uk. (35) 081861 IP 147.102.222.220.53 > 192.168.1.2.1291: 28737 0/1/0 (95) 4. 924251 IP 192.168.1.2.4688 > 147.102.222.210.53: 28737+ AAAA? efnet.demon.co.uk. (35) 086958 IP 147.102.222.210.53 > 192.168.1.2.4688: 28737 0/1/0 (95) 4. 923038 IP 192.168.1.2.4682 > 147.102.222.220.53: 28737+ AAAA? efnet.demon.co.uk. (35) 022144 IP 147.102.222.220.53 > 192.168.1.2.4682: 28737 0/1/0 (95) 4. 987950 IP 192.168.1.2.1621 > 147.102.222.210.53: 28737+ AAAA? efnet.demon.co.uk. (35) 020294 IP 147.102.222.210.53 > 192.168.1.2.1621: 28737 0/1/0 (95) 4. 989772 IP 192.168.1.2.3319 > 147.102.222.220.53: 28737+ AAAA? efnet.demon.co.uk. (35) 019260 IP 147.102.222.220.53 > 192.168.1.2.3319: 28737 0/1/0 (95) ^C 22 packets captured 22 packets received by filter 0 packets dropped by kernel --Boundary-00=_IwuVBZOGVh6OwVr--

‣ 返回看板[ DFBSD_bugs ] DBSD

‣ 更多 aoiko. 的文章

文章代碼(AID): #11LmFl00 (DFBSD_bugs)