Hello, I’m both new to pf and struggling with what I thought was a simple idea. This is on a laptop, not a firewall per se. I want to (a) allow incoming ssh connections for a small list of addresses, and (b) block other inbound ssh. No outbound restrictions at all.
Can’t make it work. /etc/pf.conf:

    table <mytable> { 192.168.10.13, 192.168.10.14, 192.168.100.1 }
    pass in proto tcp from <mytable> port ssh
    block in proto tcp from any port ssh
    block in log all

I also thought that using ‘quick’ on the second rule would obviate the need for the generic last block. So achieving it in two rules, just like what my specification is. I’ve tried many variations. I think I’m missing some understanding. I know the rules are being observed because I can put in very basic statements like blocking a certain IP address for any service and that works. Help appreciated.

r.
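An added example, not part of the original post: a pf.conf that implements goals (a) and (b) as stated. It rests on two pf behaviours: `port` written directly after the source address matches the source port, so the destination port has to follow `to`, and without `quick` the last matching rule decides. The table contents are copied from the post; everything else is illustrative.

```conf
# /etc/pf.conf (added example, not the poster's file)

# Addresses allowed to open inbound ssh sessions (copied from the post).
table <mytable> { 192.168.10.13, 192.168.10.14, 192.168.100.1 }

# Form 1: rely on last-match-wins.
# The general block comes first and the narrower pass comes last, so a
# packet from <mytable> matches both rules and the pass decides.
# "to any port ssh" matches the DESTINATION port (22 on this laptop).
# "from <mytable> port ssh" would instead match packets whose SOURCE
# port is 22, which an ssh client connecting in never uses.
block in log proto tcp from any       to any port ssh
pass  in     proto tcp from <mytable> to any port ssh

# Form 2: first-match with quick. Use INSTEAD of form 1, not with it.
# quick stops evaluation at the first matching rule, so the order is
# reversed: allow-list first, then the block for everyone else.
# pass  in     quick proto tcp from <mytable> to any port ssh
# block in log quick proto tcp from any       to any port ssh

# No "block in log all" here: the stated goal restricts inbound ssh
# only, and a packet that matches no rule is passed by pf's default.
# If a catch-all block is wanted, it must appear BEFORE the pass rule
# in form 1; placed last it is the last match for every inbound
# packet and overrides the pass.

# Checks after editing:
#   pfctl -nf /etc/pf.conf      parse the file without loading it
#   pfctl -f  /etc/pf.conf      load the ruleset
#   pfctl -sr                   show the rules pf actually loaded
#   pfctl -t mytable -T show    list the addresses in the table
```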