Following the example /usr/share/examples/blacklistd/npf.conf I created the following:

        # Transparent firewall example for blacklistd

        $ext_if = { wm0, tun0 }

        set bpf.jit on;
        alg "icmp"

        group "external" on $ext_if {
                ruleset "blacklistd"
                pass final all
        }

        group default {
                pass final all
        }

After enabling npf, I see filter rules only on wm0, nothing for the tunnel:

        {150} /etc/rc.d/npf restart
        Disabling NPF.
        Enabling NPF.
        {151}  npfctl show
        # filtering:    active
        # config:       loaded

        group "external" on wm0
                ruleset "blacklistd" all
                pass final all

        group
                pass final all

        {152}


Am I missing something?





+------------------+--------------------------+------------------------+
| Paul Goyette     | PGP Key fingerprint:     | E-mail addresses:      |
| (Retired)        | FA29 0E3B 35AF E8AE 6651 | paul at whooppee.com   |
| Kernel Developer | 0786 F758 55DE 53BA 7731 | pgoyette at netbsd.org |
+------------------+--------------------------+------------------------+
