On Mon Mar 16 15:08:38 2015 GMT+0100, Andy Ruhl wrote:
> On Mon, Mar 16, 2015 at 6:52 AM, D'Arcy J.M. Cain <da...@netbsd.org> wrote:
>
> > I have decided to give up on pf after banging my head against the wall
> > (and the OBSD mailing list) and try npf but I can't figure out the
> > syntax. I followed the example at http://www.netbsd.org/~rmind/npf/
> > but I keep getting errors when I validate. I reduced npf.conf to the
> > following two lines:
> >
> > table <friends> type tree file "/VEX/general/pf/friends.list"
> > table <enemies> type tree file "/VEX/general/pf/enemies.list"
> >
> > This gives me this error:
> >
> > # npfctl validate
> > npfctl: table '0' is already defined
> >
> > If I remove one line I get this:
> >
> > # npfctl validate
> > table <0> type tree
> >
> > If I put the full file and comment out the table lines I get this:
> >
> > # npfctl validate
> > /etc/npf.conf:11:3: syntax error near 'alg'
> >
> > I am using the example config almost verbatim except for the table
> > names and file paths.
> >
> > What am I missing here?
> >
>
> No help unfortunately, I'm just here to say I'm having similar issues. I've
> seen the npfctl error as well.
>
> I had some other problems so I decided to see if I could start by blocking
> all traffic. I'm trying to get a very simple rule to work:
>
> block in final from 0.0.0.0/0
>
> And it doesn't. Obviously I'm missing something very fundamental and I
> haven't found it in the documentation yet. Maybe I have to use a table?
>
> Frustrating.
>
> Andy
>
--