Dear All,
I wonder why my (incomplete) ruleset won't be
loaded correctly in ipf. Any suggestions are
highly appreciated.
[EMAIL PROTECTED] ~]# ipf -Fa
[EMAIL PROTECTED] ~]# ipf -f /etc/ipf.rules2
[EMAIL PROTECTED] ~]# ipfstat -ni
@1 pass in quick on lo0 from any to any
@2 block in quick on tun0 from any to any head 1
@1 block in quick on tun0 from 192.168.0.0/16 to any group 1
@2 block in quick on tun0 from 172.16.0.0/12 to any group 1
@3 block in quick on tun0 from 10.0.0.0/8 to any group 1
@4 block in quick on tun0 from 127.0.0.0/8 to any group 1
@5 block in quick on tun0 from 0.0.0.0/8 to any group 1
@6 block in quick on tun0 from 169.254.0.0/16 to any group 1
@7 block in quick on tun0 from 192.0.2.0/24 to any group 1
@8 block in quick on tun0 from 204.152.64.0/23 to any group 1
@9 block in quick on tun0 from 224.0.0.0/3 to any group 1
@10 block in log quick on tun0 from any to 192.168.1.0/28 group 1
[EMAIL PROTECTED] ~]# ipfstat -no
@1 pass out quick on lo0 from any to any
[EMAIL PROTECTED] ~]# uname -a
FreeBSD lap.mobile 5.3-RELEASE FreeBSD 5.3-RELEASE #5: Mon Jan 17 19:19:06 CET 2005 [EMAIL PROTECTED]:/usr/obj/usr/src/sys/IBM_01 i386
[EMAIL PROTECTED] ~]# cat /etc/ipf.rules2
# lo0 #

pass out quick on lo0
pass in quick on lo0

# tun0 #

block in quick on tun0 all head 1
block in quick on tun0 from 192.168.0.0/16 to any group 1
block in quick on tun0 from 172.16.0.0/12 to any group 1
block in quick on tun0 from 10.0.0.0/8 to any group 1
block in quick on tun0 from 127.0.0.0/8 to any group 1
block in quick on tun0 from 0.0.0.0/8 to any group 1
block in quick on tun0 from 169.254.0.0/16 to any group 1
block in quick on tun0 from 192.0.2.0/24 to any group 1
block in quick on tun0 from 204.152.64.0/23 to any group 1
block in quick on tun0 from 224.0.0.0/3 to any group 1
block in log quick on tun0 from any to 192.168.1.0/28 group 1
block in log quick on tun0 from any to 192.168.1.15/28 group 1
block in log quick on tun0 from any to 192.168.1.0/32 group 1
block in log quick on tun0 from any to 192.168.2.0/28 group 1
block in log quick on tun0 from any to 192.168.2.15/28 group 1
block in log quick on tun0 from any to 192.168.2.0/32 group 1
pass in quick on tun0 from 192.168.1.0/28 to any group 1


block out quick on tun0 all head 2
block out quick on tun0 from 192.168.0.0/16 to any group 2
block out quick on tun0 from 172.16.0.0/12 to any group 2
block out quick on tun0 from 10.0.0.0/8 to any group 2
block out quick on tun0 from 127.0.0.0/8 to any group 2
block out quick on tun0 from 0.0.0.0/8 to any group 2
<--- snip --->
Thanks Tom