Hello, From reading the documentation, I couldn't quite tell where the antispoofing rule should fall in a pf ruleset. Is this syntax correct? I thought I'd be able to access another LAN machine freely via ssh (I've already tested that ssh does work without a firewall), but I cannot. table <lan> { 192.168.0.0/24 } block all antispoof for $ext_if pass in quick on $ext_if from <lan> to $ext_if pass out quick on $ext_if from $ext_if to <lan> Thanks, DM
-- Be aware. Stay present. Speak honestly. --------------------------------- Never miss a thing. Make Yahoo your homepage.