On dic 12 17:13, Rocky Hotas wrote:
>
> group "internal" on $if_mylan {
> pass in all
> pass out all
>
> block stateful out family inet4 proto tcp from <not_nice_host> to
> <target_address> port 443
> }
[... ]
> Is the order of the rules wrong? Or something else?
Ok, maybe it is more trivial than it seemed. Replacing the direction
`out' with `in',
block stateful in family inet4 proto tcp from <not_nice_host> to
<target_address> port 443
this seems to have the desired effect.
Thank you and sorry for the noise.
Rocky
