On January 25, 2017 10:44:19 AM GMT+01:00, "Peter N. M. Hansteen" <pe...@bsdly.net> wrote:
>On Wed, Jan 25, 2017 at 12:04:40AM +0000, Luke Small wrote:
>> if I have:
>> "pass out quick on lo0 from self port 6379 to \
>> any user luke
>>
>> block out quick on lo0 from self port 6379 to any
>>
>> pass quick on lo0 from any to any"
>>
>> a local connection to port 6379 will go to the last rule... isn't this a
>> useful feature to allow one of the first two rules to take effect?
>
>Does your application explicitly set source port to 6379? If not and
>definitely if you want destination port, you need to move the
>'port NNNN' bit to after the 'to' in your rules.

Agreed. And don't forget to omit the 'set slip on lo' part.

/Alexander

>
>Also, as I keep repeating to anybody who cares to listen, just like
>"verbing weirds the language", "excessive quicks weird your PF rule
>set".
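
The source-port versus destination-port placement discussed in this thread, shown as a pf.conf fragment. This is an added example, not rules posted by anyone in the thread; `proto tcp` and the ordering without `quick` are assumptions made for the illustration, while `lo0`, port 6379 and user `luke` come from the original question.

```pf
# Rules as posted: "port 6379" sits before "to", so it matches the SOURCE port.
# A client connecting to port 6379 sends from an ephemeral source port, so
# neither of the first two rules matches and the final pass rule decides.
#   pass  out quick on lo0 from self port 6379 to any user luke
#   block out quick on lo0 from self port 6379 to any
#   pass  quick on lo0 from any to any

# Destination-port form, written without "quick": in pf the last matching
# rule wins, so the rules run from general to specific.
# Leave "set skip on lo" out of this ruleset: a skipped interface is not
# filtered at all, so none of the lo0 rules below would be evaluated.

# Default for loopback traffic.
pass on lo0

# Deny local connections to port 6379 (assumed TCP) ...
block out on lo0 proto tcp from self to any port 6379

# ... except when the connecting socket is owned by user luke.
pass out on lo0 proto tcp from self to any port 6379 user luke
```

Running `pfctl -nvf` on the file parses it without loading and prints the expanded rules, which shows on which side of `to` each `port` ended up.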