Dear list. I'm trying to configure pf on FreeBSD 6.2-release with no success. Is there anyone that has time and can give me a clue for what I'm doing wrong?
This is what I have done:

1) /etc/rc.conf:

pf_enable="YES"                 # Enable PF (load module if required)
pf_rules="/etc/pf.conf"         # rules definition file for pf
pf_flags=""                     # additional flags for pfctl startup
pflog_enable="YES"              # start pflogd(8)
pflog_logfile="/var/log/pflog"  # where pflogd should store the logfile
pflog_flags=""                  # additional flags for pflogd startup

2) /etc/pf.conf:

----------------------------------------------------------------------
...<snap>
# 1. Macros
lo = lo0    # loopback device
ext = nve0  # networkcard

# 2. Tables

# 3. Options
set block-policy drop
set optimization aggresive
set loginterface $ext

# 4. Packet normalization
scrub in on $ext all

# 5. Queueing.

# 6. Translation.

# 7. Filtering.
pass quick on $lo all        # Don't block loopback traffic
antispoof for { $lo, $ext }  # Antispoof
block in on $ext all         # Block all incoming as default
block out on $ext all        # Block all outgoing as default

# Eof
...<snap>
-----------------------------------------------------------------

3) kldstat says:

 7    1 0xc4b1c000 3000     pflog.ko
 8    1 0xc4b26000 2d000    pf.ko

As far as I get it, I shouldn't be able to enter the internet as it is, but nothing is blocked and I can check my mail and so. What have I missed?

--
/Peo
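An added example, not part of the original post: pfctl does not load a ruleset that fails to parse, and pf with no rules loaded passes all traffic, so a keyword check on the Options section is a useful first diagnostic. The function name `pf_check_optimization` is hypothetical; the accepted keywords are those listed for `set optimization` in pf.conf(5), and the sample input is constructed from the Options section quoted above.

```shell
#!/bin/sh
# Flag "set optimization" keywords that pf.conf(5) does not define.
# Accepted keywords: normal, high-latency, satellite, aggressive, conservative.

# Usage: pf_check_optimization FILE
# Prints one line per unknown keyword; returns 1 if any was found, else 0.
pf_check_optimization() {
    awk '
        { sub(/#.*/, "") }    # strip trailing comments before matching
        $1 == "set" && $2 == "optimization" {
            if ($3 !~ /^(normal|high-latency|satellite|aggressive|conservative)$/) {
                printf "line %d: unknown optimization \"%s\"\n", NR, $3
                bad = 1
            }
        }
        END { exit bad }
    ' "$1"
}

# Constructed sample: the Options section as posted.
sample=$(mktemp)
cat > "$sample" <<'EOF'
set block-policy drop
set optimization aggresive
set loginterface $ext
EOF

if ! pf_check_optimization "$sample"; then
    # On the host itself, confirm with pfctl:
    #   pfctl -nf /etc/pf.conf   parse the file without loading it
    #   pfctl -sr                show the rules that are actually loaded
    echo "ruleset would be rejected; check with: pfctl -nf /etc/pf.conf; pfctl -sr"
fi
rm -f "$sample"
```

An empty `pfctl -sr` listing while pf is enabled means the filter is running without the block rules.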