>Yes, RTFMP , with a default policy of block, there is no need for specific >rules to stop things like outbound ssh traffic. > >Logging will tell you the rest.
Yes, I'm compromised or yes, I'm misreading the output? Like I said in my original post, logging isn't telling me anything; just the daily security run or /var/log/pf.today. While a default to deny policy will stop outbound ssh, you'll notice in my ruleset that I am allowing everything out on this server so that rule is necessary. I just really would like to know if these outbound ssh packets are nothing or if I have a problem on my hands. Thanks for the help! Terry J. Ninneman _______________________________________________ [email protected] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-pf To unsubscribe, send any mail to "[EMAIL PROTECTED]"
