Gerald Chudyk wrote:
> For the record:
> Thanks to this thread I discovered another idiot in this very cubicle
> who failed to perform proper research and was sometimes setting pf
> rules to pass DHCP messages, particularly when troubleshooting a DHCP
> problem. I beat him severely, but it probably won't help. I constantly
> catch him making mistakes. He is so lazy.

I'll just mention this in case it helps someone in the future:
Whenever I use a default block *log* rule to keep an eye on things, it
can be noisy. To help a bit (even though they don't actually do
anything), I use rules like this just to keep it out of the pf logs:
block in quick on $int2_if inet proto udp to any port { 67, 68, 135:139 }
--
-RSM
http://www.erratic.ca