Re: Odd ipfilter/postfix interaction

On Thu, Feb 17, 2005 at 04:20:12PM -0600, David Bogen wrote:
> Maybe someone who is more of a networking guru than I am can figure out
> how to solve this problem.
>
> I've got a FreeBSD 4.11-STABLE system that is attached to the Internot
> via DSL. Generally, that all works just like one might expect it would.
>
> Recently, I switched to ipfilter 4.1.5 from some relatively recent
> release in the 3-series of ipfilter.
....
> Finally, with the same set of messages sitting in the queue that had
> been failing, failing, and failing again, I dropped ipfilter and flushed
> the postfix queue one more time.
>
> Blink and you missed it. The messages were gone.
>
> If anyone wants to try diagnosing this problem and is interested in
> looking at a tcpdump of a failed message, let me know and I'll make it
> available to you.

Rather than seeing dumps of your packets, it would probably be a lot
more useful to see a list of your ipfilter rules first; somebody might
spot some syntax which passed in 3.x but which was failing to load in
4.1.5. Also, any ipfilter log messages that might relate.

I won't swear that I'll spot anything - I am no ipf syntax guru - but
those would probably be the most useful things to look at on the list.

BTW, I am using older versions of IPF, Postfix (2.0.x) and FreeBSD
(4.8+) over DSL (no PPPoE, thank god) so I won't necessarily see the
same behavior as you, but at least there is some *vague* similarity in
our configurations.

-- Clifton

--
Clifton Royston -- cliftonr@tikitechnologies.com
Tiki Technologies Lead Programmer/Software Architect
"I'm gonna tell my son to grow up pretty as the grass is green
And whip-smart as the English Channel's wide..."
-- 'Whip-Smart', Liz Phair