> @24 pass in log quick on rl1 inet proto tcp from 192.168.1.42/32 to
> 192.168.1.182/32 port = ssh flags S/FSRA

You will want a "keep state" in there, or else ONLY the initial SYN will match, which is what you are experiencing.

>
> In order to stop the rest of the tech network from accessing 22 I have
>
> @9 block in log on rl1 inet proto tcp from 192.168.1.0/24 to
> 192.168.1.182/32 port = ssh

-kj
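Added example, not part of the original message: a simplified Python model of the two quoted rules, showing why only the SYN passes without "keep state". The evaluation semantics (last match wins, `quick` stops evaluation, state is checked before the rules, default pass) and all function names are assumptions of this model; the packets are constructed.

```python
# Simplified model (an assumption, not real firewall code): rules are checked
# in order, the last match wins, and `quick` stops evaluation at once.
from ipaddress import ip_address, ip_network

FIN, SYN, RST, ACK = 0x01, 0x02, 0x04, 0x10
FSRA = FIN | SYN | RST | ACK

def rule(action, src, dst, dport, quick=False, flags=None, keep_state=False):
    return dict(action=action, src=ip_network(src), dst=ip_network(dst),
                dport=dport, quick=quick, flags=flags, keep_state=keep_state)

def build_rules(keep_state):
    return [
        # @9: block the whole tech network from ssh on the server
        rule("block", "192.168.1.0/24", "192.168.1.182/32", 22),
        # @24: let one host in; flags S/FSRA = of F,S,R,A only S is set
        rule("pass", "192.168.1.42/32", "192.168.1.182/32", 22, quick=True,
             flags=(SYN, FSRA), keep_state=keep_state),
    ]

def matches(r, pkt):
    src, dst, dport, tcpflags = pkt
    if ip_address(src) not in r["src"] or ip_address(dst) not in r["dst"]:
        return False
    if dport != r["dport"]:
        return False
    if r["flags"] is not None:
        want, mask = r["flags"]
        return (tcpflags & mask) == want
    return True

def filter_packets(rules, packets):
    states, verdicts = set(), []
    for pkt in packets:
        conn = pkt[:3]                # simplified key: no source port tracked
        if conn in states:            # state table is consulted before the rules
            verdicts.append("pass")
            continue
        verdict, hit = "pass", None   # default when nothing matches (assumed)
        for r in rules:
            if matches(r, pkt):
                verdict, hit = r["action"], r
                if r["quick"]:
                    break
        if hit and hit["keep_state"] and verdict == "pass":
            states.add(conn)
        verdicts.append(verdict)
    return verdicts

# Constructed client-side packets of one ssh connection: SYN, ACK, data (PSH|ACK)
CLIENT = [("192.168.1.42", "192.168.1.182", 22, f) for f in (SYN, ACK, 0x18)]
```

Calling `filter_packets(build_rules(False), CLIENT)` shows the ACK and data packets falling through to the @9 block rule, while `build_rules(True)` lets the whole connection through.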
