Christian Laursen wrote on 10/01/2015 15:03:
On 10/01/15 14:51, Miroslav Lachman wrote:
[snip]
Are there any easy option to user antispoof and still be able to
connect from machine itself?
I don't know anything about the antispoof feature, but I always put "set
skip on lo0" at the top of my pf rulesets.
That will bypass pf for all local traffic and I think it will work in
this case.
Yes, I have skip on lo0 too.
Now I know what was the problem.
I accidentally removed 127.0.0.1 from lo0 when manipulating with another
aliased IP. Then I added 127.0.0.1 back, but system behaves anbormally
in this "local traffic" case.
After reboot, it all went fine and previous PF rules with antispoof work
as expected.
Sorry for the noise.
Miroslav Lachman
_______________________________________________
[email protected] mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-pf
To unsubscribe, send any mail to "[email protected]"
