Hello

I’m both new to pf and struggling with what I thought was a simple idea.  This 
is on a laptop, not a firewall per se.  I want to (a) allow incoming ssh 
connections for a small list of addresses, and (b) block other inbound ssh.  No 
outbound restrictions at all.

Can’t make it work.  /etc/pf.conf:

table <mytable> { 192.168.10.13, 192.168.10.14, 192.168.100.1 }

pass in proto tcp from <mytable> port ssh
block in proto tcp from any port ssh
block in log all

I also thought that using ‘quick’ on the second rule would obviate the need for 
the generic last block.  So achieving it in two rules, just like what my 
specification is.

I’ve tried many variations.  I think I’m missing some understanding.  I know the 
rules are being observed because I can put in very basic statements like 
blocking a certain IP address for any service and that works.

Help appreciated.

r.
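
Added example, not part of the original post: the ruleset above, annotated with the two pf behaviours that affect it, followed by a two-rule form of the stated policy. It assumes pf's default of passing packets that match no rule, which leaves outbound traffic unrestricted.

```conf
# --- As posted (annotated) ---------------------------------------------
# "port" placed after "from" matches the SOURCE port. An inbound ssh
# client connects from an ephemeral source port to destination port 22,
# so neither of these two rules matches its packets:
#   pass in proto tcp from <mytable> port ssh
#   block in proto tcp from any port ssh
# Without "quick", pf evaluates every rule and the LAST match decides,
# so this rule wins for all inbound traffic, ssh included:
#   block in log all

# --- Two-rule form of the stated policy --------------------------------
table <mytable> { 192.168.10.13, 192.168.10.14, 192.168.100.1 }

# "port" after "to" is the destination port (the local sshd).
# "quick" stops evaluation at the first matching rule.
pass  in quick     proto tcp from <mytable> to any port ssh
block in quick log proto tcp from any       to any port ssh
```

Load with `pfctl -f /etc/pf.conf` and confirm the parsed rules with `pfctl -sr`; `pfctl -t mytable -T show` lists the table contents.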


