OS: FreeBSD 6.0
All traffic is blocked unless I use quick.
tcpdump -n -e -ttt -r /var/log/pflog
showed traffic was blocked by the last rule unless I added quick to the pass rules.
I thought the matching rules would have overridden the block rule?
One more question: bundle0 is composed of two (2) interfaces bonded together.
Is there a way to bring up the firewall when all the physical interfaces are up,
and then, once the bundle0 interface is up, add:
public_if = "bundle0"
pass in quick on $public_if all
to the rules in memory?
I have the following working (obfuscated) pf.conf in my /usr/home/bigdaddy directory
=====pf.conf====
dns_servers = "{ X , Y , Z }"
mngmt_if= "myi0"
mngmt_net= "xx.yy.zz.0/24"
public_if = "bundle0"
ids = "A"
port3 = "4444"
allowed_ports = "{" "port1, port2," $port3 "}"
set loginterface $mngmt_if
pass in quick on $public_if all
pass in log-all quick on $mngmt_if proto tcp from $mngmt_net to $ids port $allowed_ports keep state
pass out log-all quick on $mngmt_if proto {tcp,udp} from $ids to $dns_servers port 53 keep state
pass in log-all quick on $mngmt_if proto icmp from $mngmt_net to $ids icmp-type 8 code 0 keep state
pass out log-all quick on $mngmt_if proto icmp from $ids to any icmp-type 8 code 0 keep state
pass out log-all quick on $mngmt_if proto { tcp, udp } all keep state
block in log-all on $mngmt_if all
block out log-all on $mngmt_if all
============
kldload shows pf.ko loaded
When I boot, my rc.conf file has
pf_enable="YES"
pf_flags="-d"
_______________________________________________
[email protected] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-pf
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
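An added example (not part of the original post and not the poster's pf.conf) showing why the posted ruleset needs quick, and the usual way to avoid it. pf evaluates the whole ruleset and the last matching rule wins; quick stops evaluation at the rule that carries it. In the posted file the two "block ... all" rules sit last, so they match every packet on $mngmt_if after a pass rule has matched and therefore win, which is exactly what the pflog showed. Putting the default block first lets the more specific pass rules below it win as the last match, with no quick. The anchor at the end is one way to add rules for bundle0 after boot without reloading the rest of the ruleset. All addresses, the port list and the anchor name "bundle" are placeholders chosen for the example.

```pf
# Added example, not the poster's configuration. Addresses, ports and the
# anchor name are placeholders.
mngmt_if    = "myi0"
mngmt_net   = "192.0.2.0/24"                 # placeholder management network
ids         = "192.0.2.10"                   # placeholder IDS address
dns_servers = "{ 198.51.100.1, 198.51.100.2 }"
allowed_ports = "{ 22, 4444 }"

set loginterface $mngmt_if

# 1. Default deny FIRST. Without quick, pf keeps evaluating and the last
#    matching rule wins, so a trailing "block ... all" overrides every pass
#    rule above it. Placed first, the block is overridden by any later,
#    more specific pass rule that also matches.
block in  log all
block out log all

# 2. Explicit permits. No quick needed: for the traffic they describe these
#    are the last matching rules. keep state creates the return path, so
#    no separate pass rule is needed for the replies.
pass in  on $mngmt_if proto tcp  from $mngmt_net to $ids port $allowed_ports keep state
pass in  on $mngmt_if proto icmp from $mngmt_net to $ids icmp-type 8 code 0 keep state
pass out on $mngmt_if proto { tcp, udp } from $ids to $dns_servers port 53 keep state
pass out on $mngmt_if proto icmp from $ids to any icmp-type 8 code 0 keep state

# 3. Rules for an interface that is not up at boot (bundle0). The anchor is
#    empty when this file is loaded and so matches nothing. Once bundle0 is
#    up, populate the anchor from a script without touching the main ruleset:
#      echo 'pass in quick on bundle0 all' | pfctl -a bundle -f -
#    Inspect it with:   pfctl -a bundle -sr
#    Flush it with:     pfctl -a bundle -Fr
anchor "bundle"
```

Check the ordering effect before loading with pfctl -nvf /etc/pf.conf (parse only, expanded output), then confirm after loading with pfctl -sr that the block rules are printed first and the pass rules after them; a packet on $mngmt_if that matches a pass rule is then accepted because that pass rule is the last match, not because of quick.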