Clients receive only first 4k (issue with pf.conf) -- ignore others

From: Scott Stevenson (scott_at_maxify.com)
Date: 05/30/05

Next message: Scott Stevenson: "Re: Clients receive only first 4k (issue with pf.conf) -- ignore others"

Previous message: Amandeep: "Re: Error installing FreeBSd 5.3 AMD 64 bit-Highpoint 1820A"
Next in thread: Scott Stevenson: "Re: Clients receive only first 4k (issue with pf.conf) -- ignore others"
Reply: Scott Stevenson: "Re: Clients receive only first 4k (issue with pf.conf) -- ignore others"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

To: freebsd-questions@freebsd.org
Date: Mon, 30 May 2005 09:23:12 -0700

(First, I apologize if there are duplicates sent to the list, but
that's related to the question.)

I originally asked about this back in February:

<http://monkey.org/freebsd/archive/freebsd-questions/200502/
msg03071.html>

Then just posted again recently with more details:

<http://monkey.org/freebsd/archive/freebsd-questions/200505/
msg00846.html>

Essentially, certain web client only receive the first 4096 bytes of
the file they request, then a garbage byte, then nothing. I *finally*
figured out that pf was responsible. Specifically, this line in pf.conf:

pass out on $ext_if proto { tcp, udp } all keep state

Everything's fine with Apache if I change it to this:

pass out on $ext_if proto { tcp, udp } all

The problem is that if I use the version without "keep state," the
machine can't send outbound mail, and I see messages like this in
maillog:

May 30 09:14:33 vertigo qmail: 1117469673.126013 delivery
639634: deferral
Sorry,_I_wasn't_able_to_establish_an_SMTP_connection._(#4.4.1)/

In fact, I tried to send this message to the list twice yesterday,
but realized that mail packets were being filtered out. I looked at
pflog0 while mail was being sent, but I wasn't able to find the
bounced packets. Here's the relevant smtp line:

pass in quick on $ext_if proto { tcp, udp } from any to any
port 25

I'm much more familiar with the firewalls bundled with various linux
distributions, so I'm really stumped. I've read through various
sections of the PF faq, but I haven't found an answer to this.

Thanks,

- Scott

_______________________________________________
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.org"

Next message: Scott Stevenson: "Re: Clients receive only first 4k (issue with pf.conf) -- ignore others"

Previous message: Amandeep: "Re: Error installing FreeBSd 5.3 AMD 64 bit-Highpoint 1820A"
Next in thread: Scott Stevenson: "Re: Clients receive only first 4k (issue with pf.conf) -- ignore others"
Reply: Scott Stevenson: "Re: Clients receive only first 4k (issue with pf.conf) -- ignore others"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]