Martti Kuparinen wrote:
Hi,
I'm using NetBSD 4.0_RC3 with IPF 4.1.23 and I can't make IPF to log
anything even when the packet matches with the "skip 3" rule. Am I
doing something wrong?
block in on bnx0 all head 10
# Wrong destination addresses
skip 3 in log from any to
xxx.xxx.xxx.aaa group 10
skip 2 in from any to
xxx.xxx.xxx.bbb/25 group 10
skip 1 in from any to
xxx.xxx.xxx.0/24 group 10
block in log quick from any to
any group 10
pass in from any to
any group 10
I think the answer is that "skip" and "log" do not work together.
The use of "log" in a rule like that only kicks in if it is the last
rule matched.
Darren
