Calomel <[EMAIL PROTECTED]> writes:
> You could always try setting up a table will ips/subnets of your network
> you do not want the wifi network to goto called $my_localnets. Then use the
> not (!) operator to say, wifi can go anywhere but not (!) $my_localnets.
>
> my_localnets = {10.10.10/24, 10.20.20/24}
> pass in on $wifi_if from $wifi_if:network to !$my_localnets
unless you have either a matching pass rule or a skip on the interface
facing the world, the 'pass in' will only pass as far as the machine
where the rule set runs, though. The 'from' and 'to' keywords only
denote source and destination addresses respectively.
--
Peter N. M. Hansteen, member of the first RFC 1149 implementation team
http://bsdly.blogspot.com/ http://www.bsdly.net/ http://www.nuug.no/
"Remember to set the evil bit on all malicious network traffic"
delilah spamd[29949]: 85.152.224.147: disconnected after 42673 seconds.
