Re: ipf return-rst
From: Gerhard Sittig (Gerhard.Sittig@gmx.net)
- In reply to: Eric Anderson: "ipf return-rst"
Date: Thu, 29 Nov 2001 20:04:43 +0100
From: Gerhard Sittig <Gerhard.Sittig@gmx.net>
To: firstname.lastname@example.org
On Wed, Nov 28, 2001 at 16:47 -0600, Eric Anderson wrote:
> I'm trying to figure out why my return-rst lines aren't
> working. Here's a sample of a line:
> block return-rst in quick on xl0 proto tcp from any to
> my.ext.ip/32 port = 23 flags S/SA
Is your my.ext.ip static? If it isn't, I suggest using 0.0.0.0/32
as the IP spec and invoking "ipf -y" in your linkup script.
Are you the only filter in the path? Have you tried this locally
in a network completely under your control? Check it with the lo0
interface and your internal NIC first to make sure.
> Both block the connection, but timeout instead of giving the
> "Connection refused" line.
Is this some kind of application retry? Did you use something
like netcat as a frontend and did you check by running tcpdump?
virtually yours 82D1 9B9C 01DC 4FB4 D7B4 61BE 3F49 4F77 72DE DA76
Gerhard Sittig true | mail -s "get gpg key" Gerhard.Sittig@gmx.net
-- If you don't understand or are scared by any of the above ask your parents or an adult to help you.
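To separate the two outcomes discussed in this thread (a RST coming back versus the SYN being dropped silently), a single-connect probe can be run from the client side alongside tcpdump. This is an added example, not part of the original message; the function name `probe` and its return labels are hypothetical.

```python
import errno
import socket
import sys


def probe(host, port, timeout=3.0):
    """Make one TCP connect attempt and classify the answer.

    Returns:
      "open"        handshake completed (SYN/ACK came back)
      "rst"         ECONNREFUSED, i.e. a RST came back ("Connection refused")
      "timeout"     nothing came back in time (SYN dropped silently)
      "other:NAME"  any other errno, e.g. EHOSTUNREACH from an ICMP error
    """
    s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    s.settimeout(timeout)
    try:
        # A single connect() call, so no application-level retry can
        # blur the result.
        s.connect((host, port))
        return "open"
    except ConnectionRefusedError:
        return "rst"
    except (socket.timeout, TimeoutError):
        return "timeout"
    except OSError as e:
        return "other:" + errno.errorcode.get(e.errno, str(e.errno))
    finally:
        s.close()


if __name__ == "__main__":
    # Usage: probe.py HOST PORT   (e.g. the filtered address and port 23)
    if len(sys.argv) != 3:
        sys.exit("usage: probe.py HOST PORT")
    print(probe(sys.argv[1], int(sys.argv[2])))
```

A working `return-rst` rule should yield `rst` almost immediately; `timeout` means no RST reached the client, which tcpdump on both sides of the filter can then localize.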