[asterisk-users] Can't block intrusion
D'Arcy Cain
darcy at VybeNetworks.com
Wed Apr 1 17:35:57 CDT 2020
On 2020-04-01 16:28, Mark Boyce wrote:
> On 1 Apr 2020, at 22:14, Greg Troxel <gdt at lexort.com
> <mailto:gdt at lexort.com>> wrote:
>>
>> I think you need to use tcpdump and turn up firewall debugging.
>
> sngrep is your friend …My bet is UDP vs TCP on firewall rules :-)
block drop in log quick on bge0 from <AUTOBLOCK> to any
block drop out log quick on bge0 from any to <AUTOBLOCK>
Am I misunderstanding pf? I thought that that would block TCP, UDP,
ICMP and anything else trying to get through.
Since I started looking at this closer I did find that only some
connections have this problem. Most get blocked as soon as the IP is
passed to the AUTOBLOCK table.
--
D'Arcy J.M. Cain
Vybe Networks Inc.
A unit of Excelsior Solutions Corporation - Propelling Business Forward
http://www.VybeNetworks.com/
IM:darcy at VybeNetworks.com VoIP: sip:darcy at VybeNetworks.com
More information about the asterisk-users
mailing list