connect() failed (1: Operation not permitted) while connecting to upstream

Sun Jul 27 10:19:52 MSD 2008

Здравствуйте, Igor.

Актуальный конфиг pf. Проблема воспроизводится.

pass  in  proto tcp from any to any port 80 keep state
pass  in  proto tcp from 127.0.0.1 to port 9000
pass  out  proto tcp from 127.0.0.1 to port 9000
pass  in  proto tcp from 127.0.0.1 to port 25 keep state
pass  in  proto tcp from 127.0.0.1 to port 3306 keep state
pass  in  proto icmp from 213.186.114.123 to any keep state
pass in proto {tcp, udp} from ****  to any port 22 keep state
pass in proto {tcp, udp} from ****  to any port 22 keep state
pass out all keep state

Вы писали Friday, May 16, 2008, 3:56:20 PM:

> On Fri, May 16, 2008 at 03:05:33PM +0300, Vladimir Rekshta wrote:

>> используется pf с такими правилами:
>> 
>> pass in quick on $ext_if proto tcp from < > to { }  port  {  } flags S/SA
>> modulate state

> Нужно убрать modulate и keepstate между nginx'ом и бэкендами.

-- 
С уважением,
 Andrey                          mailto:andrey at mail.anti-aging-drugs.com