"block in quick on msk0 proto tcp *to* port ssh" whats this? "instead of above wrong statement, you can use "block in quick on msk0 proto tcp from any to any port ssh"
On Tue, Jul 24, 2012 at 2:27 AM, Peter N. M. Hansteen <pe...@bsdly.net>wrote: > "hvom .org" <hvom....@gmail.com> writes: > > > I'm problem with pfctl and the syntax. > > > > Line error is : *block in quick on msk0 proto tcp port ssh* > > * > > pfctl -nf /etc/pf.conf * is broken, no exit .... > > Trying to reproduce here (changing only the interface name to one that > exists on the test system) it says 'syntax error' and gives the line > number before exiting. > > I suspect > > block in quick on msk0 proto tcp to port ssh > > is what you want, pfctl -vnf on that will give you the expanded version > after parsing: > > $ sudo pfctl -vnf hvom > block drop in quick on iwn0 proto tcp from any to any port = 22 > > > My book is update is 15/05/2012, the site web update is 19/05/2012. > > it would be interesting to hear what book and web site you're referring > to here. > > - P > -- > Peter N. M. Hansteen, member of the first RFC 1149 implementation team > http://bsdly.blogspot.com/ http://www.bsdly.net/ http://www.nuug.no/ > "Remember to set the evil bit on all malicious network traffic" > delilah spamd[29949]: 85.152.224.147: disconnected after 42673 seconds.
