Hello guys, can anyone tell me why the pfctl -t blockips -T show -v command is not
showing me the blocked IPs? Here is my packet filter configuration file:
################ Macros ###################################
# macro for the interface names
ext_if = "rl0"
int_if = "fxp0"
################ Tables ####################################
table <blockedips> persist file "/etc/pf.blocked.ip.conf"
################ Options ##################################
set optimization aggressive
set loginterface $ext_if
set block-policy drop
set require-order yes
################ Normalization ############################
scrub on $ext_if all random-id min-ttl 254 max-mss 1452 reassemble tcp fragment reassemble
#My edit
rdr on $ext_if proto tcp from any to any port 80 -> 127.0.0.1 port 9828
# loopback
antispoof log quick for lo0 inet
pass quick on lo0 all
#my code
block drop in log (all) quick on $ext_if from <blockedips> to any
Thanks
Matt
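
A consistency check between the table name passed to pfctl -t and the tables a ruleset declares and references, as an added example that is not part of the original post. The function names are hypothetical, and the sample is constructed from the table-related lines of the configuration above.

```sh
#!/bin/sh
# Added example, not from the original post. Function names are hypothetical.
# Constructed sample: table-related lines taken from the configuration above.
SAMPLE_CONF='ext_if = "rl0"
table <blockedips> persist file "/etc/pf.blocked.ip.conf"
rdr on $ext_if proto tcp from any to any port 80 -> 127.0.0.1 port 9828
block drop in log (all) quick on $ext_if from <blockedips> to any'

# Print table names declared with "table <name> ...", one per line.
# Assumption: "#" starts a comment (a "#" inside a quoted string is not handled).
declared_tables() {
    printf '%s\n' "$1" | sed -n -e 's/#.*//' \
        -e 's/^[[:space:]]*table[[:space:]]*<\([^>]*\)>.*/\1/p' | sort -u
}

# Print table names used in rules (every line that is not a table declaration).
referenced_tables() {
    printf '%s\n' "$1" | sed -e 's/#.*//' -e '/^[[:space:]]*table[[:space:]]*</d' \
        | grep -o '<[^<>]*>' | tr -d '<>' | sort -u
}

# Return 0 if table name $2 is declared in config text $1; otherwise list the
# declared names on stderr and return 1.
check_table() {
    if declared_tables "$1" | grep -qxF -- "$2"; then
        return 0
    fi
    echo "table <$2> is not declared; declared tables:" >&2
    declared_tables "$1" | sed 's/^/  /' >&2
    return 1
}

# Print tables that rules reference but no "table" line declares.
undeclared_references() {
    for t in $(referenced_tables "$1"); do
        check_table "$1" "$t" 2>/dev/null || printf '%s\n' "$t"
    done
}

# Check the name used on the pfctl command line and the name in the ruleset.
for name in blockips blockedips; do
    if check_table "$SAMPLE_CONF" "$name" 2>/dev/null; then
        echo "$name: declared in the ruleset"
    else
        echo "$name: not declared in the ruleset"
    fi
done
```

On a live system the same comparison can be made against the output of pfctl -s Tables, which lists the tables currently loaded.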