Hi
I have a question, with a hopefully simple answer :-)
I have a transparent OpenBSD/pf firewall protecting a range of public
IP addresses.
I want to only let certain IP ranges have SSH access.
So I typed in the following rule:
pass in quick on $ext proto tcp from { xx.xx.xx.xx/xx , xx.xx.xx.xx/xx \
xx.xx.xx.xx/xx , ... } to xx.xx.xx.xx/xx port 22 keep state
And that works fine, however incoming connections don't get blocked, i.e.
ssh hangs for a while when trying to connect.
nmap also says the port is in state filtered.
Can I get pf to report the port as closed instead or would that be unwise?
regards
Håkan
--
Håkan Kvist
Real address is hagar_snabela_df_punkt_lth_se
replace snabela with "@", punkt with "."
remove _