On Mon, Mar 16, 2015 at 6:52 AM, D'Arcy J.M. Cain <da...@netbsd.org> wrote:
> I have decided to give up on pf after banging my head against the wall
> (and the OBSD mailing list) and try npf but I can't figure out the
> syntax. I followed the example at http://www.netbsd.org/~rmind/npf/
> but I keep getting errors when I validate. I reduced npf.conf to the
> following two lines:
>
> table <friends> type tree file "/VEX/general/pf/friends.list"
> table <enemies> type tree file "/VEX/general/pf/enemies.list"
>
> This gives me this error:
>
> # npfctl validate
> npfctl: table '0' is already defined
>
> If I remove one line I get this:
>
> # npfctl validate
> table <0> type tree
>
> If I put the full file and comment out the table lines I get this:
>
> # npfctl validate
> /etc/npf.conf:11:3: syntax error near 'alg'
>
> I am using the example config almost verbatim except for the table
> names and file paths.
>
> What am I missing here?
>

No help unfortunately, I'm just here to say I'm having similar issues.
I've seen the npfctl error as well. I had some other problems so I
decided to see if I could start by blocking all traffic. I'm trying to
get a very simple rule to work:

block in final from 0.0.0.0/0

And it doesn't. Obviously I'm missing something very fundamental and I
haven't found it in the documentation yet. Maybe I have to use a table?
Frustrating.

Andy