[FUG-BR] Duvida no packetfilter

Fabiano Carlos Heringer bigu em grupoheringer.com.br
Terça Outubro 19 10:55:49 BRST 2010


  Em 19/10/2010 07:51, Bruno Torres Viana escreveu:
> Fabiano,
>
> Desculpa, agora que prestei "atenção"!
>
>>>> pass in   quick log on xl0 from any to 10.0.0.45 label in_10_0_0_45_
>>>> pass out quick log on xl0 from 10.0.0.45 to any label out_10_0_0_45_
> Tem que mandar a regra logar, qq coisa poste novamente.
O que eu nao entendo, que quando dou um tcpdump nao minha interface 
interna, onde o destinatario é o host 10.0.0.45, tenho muito trafego 
passando ...mas o PF nao pega...

usei a seguinte regra
pass quick log on $int_if from 10.0.0.45 to any label out_10_0_0_45_ 
(essa esta funcionando beleza, pegando todo o trafego saindo de 10.0.0.45
pass quick log on $int_if from any to 10.0.0.45 label in_10_0_0_45_  
(essa aqui deveria pegar o trafego do tcpdump abaixo, mas nada)


00:10:4b:21:6b:f8 > 00:15:6d:bd:8e:62, ethertype IPv4 (0x0800), length 
54: 186.124.122.74.24235 > 10.0.0.45.52357: Flags [.], ack 2681, win 
65535, length 0
00:10:4b:21:6b:f8 > 00:15:6d:bd:8e:62, ethertype IPv4 (0x0800), length 
66: 122.173.125.179.59341 > 10.0.0.45.52554: Flags [.], ack 11537, win 
64890, options [nop,nop,sack 1 {17305:21631}], length 0
00:10:4b:21:6b:f8 > 00:15:6d:bd:8e:62, ethertype IPv4 (0x0800), length 
66: 122.173.125.179.59341 > 10.0.0.45.52554: Flags [.], ack 11537, win 
64890, options [nop,nop,sack 1 {17305:23073}], length 0
00:10:4b:21:6b:f8 > 00:15:6d:bd:8e:62, ethertype IPv4 (0x0800), length 
66: 186.124.122.74.24235 > 10.0.0.45.52357: Flags [.], ack 2681, win 
65535, options [nop,nop,sack 1 {3217:3753}], length 0
00:10:4b:21:6b:f8 > 00:15:6d:bd:8e:62, ethertype IPv4 (0x0800), length 
74: 186.124.122.74.24235 > 10.0.0.45.52357: Flags [.], ack 2681, win 
65535, options [nop,nop,sack 2 {4289:4825}{3217:3753}], length 0
00:10:4b:21:6b:f8 > 00:15:6d:bd:8e:62, ethertype IPv4 (0x0800), length 
66: 122.173.125.179.59341 > 10.0.0.45.52554: Flags [.], ack 14421, win 
64890, options [nop,nop,sack 1 {17305:23073}], length 0
00:10:4b:21:6b:f8 > 00:15:6d:bd:8e:62, ethertype IPv4 (0x0800), length 
66: 122.173.125.179.59341 > 10.0.0.45.52554: Flags [.], ack 15863, win 
64890, options [nop,nop,sack 1 {17305:23073}], length 0
00:10:4b:21:6b:f8 > 00:15:6d:bd:8e:62, ethertype IPv4 (0x0800), length 
74: 186.124.122.74.24235 > 10.0.0.45.52357: Flags [.], ack 2681, win 
65535, options [nop,nop,sack 2 {5361:5897}{4289:4825}], length 0
00:10:4b:21:6b:f8 > 00:15:6d:bd:8e:62, ethertype IPv4 (0x0800), length 
54: 122.173.125.179.59341 > 10.0.0.45.52554: Flags [.], ack 23073, win 
64890, length 0
00:10:4b:21:6b:f8 > 00:15:6d:bd:8e:62, ethertype IPv4 (0x0800), length 
74: 186.124.122.74.24235 > 10.0.0.45.52357: Flags [.], ack 3753, win 
64463, options [nop,nop,sack 2 {5361:5897}{4289:4825}], length 0
00:10:4b:21:6b:f8 > 00:15:6d:bd:8e:62, ethertype IPv4 (0x0800), length 
54: 122.173.125.179.59341 > 10.0.0.45.52554: Flags [.], ack 25957, win 
64890, length 0
00:10:4b:21:6b:f8 > 00:15:6d:bd:8e:62, ethertype IPv4 (0x0800), length 
80: 122.173.125.179.59341 > 10.0.0.45.52554: Flags [P.], ack 27399, win 
64890, length 26
00:10:4b:21:6b:f8 > 00:15:6d:bd:8e:62, ethertype IPv4 (0x0800), length 
66: 122.173.125.179.59341 > 10.0.0.45.52554: Flags [.], ack 27399, win 
64890, options [nop,nop,sack 1 {28841:30283}], length 0
00:10:4b:21:6b:f8 > 00:15:6d:bd:8e:62, ethertype IPv4 (0x0800), length 
66: 122.173.125.179.59341 > 10.0.0.45.52554: Flags [.], ack 27399, win 
64890, options [nop,nop,sack 1 {28841:31725}], length 0
00:10:4b:21:6b:f8 > 00:15:6d:bd:8e:62, ethertype IPv4 (0x0800), length 
66: 122.173.125.179.59341 > 10.0.0.45.52554: Flags [.], ack 27399, win 
64890, options [nop,nop,sack 1 {28841:33167}], length 0
00:10:4b:21:6b:f8 > 00:15:6d:bd:8e:62, ethertype IPv4 (0x0800), length 
66: 122.173.125.179.59341 > 10.0.0.45.52554: Flags [.], ack 27399, win 
64890, options [nop,nop,sack 1 {28841:34609}], length 0
00:10:4b:21:6b:f8 > 00:15:6d:bd:8e:62, ethertype IPv4 (0x0800), length 
66: 122.173.125.179.59341 > 10.0.0.45.52554: Flags [.], ack 27399, win 
64890, options [nop,nop,sack 1 {28841:36051}], length 0



Mais detalhes sobre a lista de discussão freebsd