Micha Holzmann <[email protected]> writes: > But regardles how i write it into the pf.conf and check it with pfctl > i get a syntax error message. > > I tried several syntax: > > scrub all > scrub in all
Yes, you've hit the one small flag day change in OpenBSD 4.6 - try match in all scrub (reassemble tcp) or some variation (some other parameters are possible). It's in the official docs, but not all the other resources out there that your favorite search engine will turn up have caught up with the news yet. -- Peter N. M. Hansteen, member of the first RFC 1149 implementation team http://bsdly.blogspot.com/ http://www.bsdly.net/ http://www.nuug.no/ "Remember to set the evil bit on all malicious network traffic" delilah spamd[29949]: 85.152.224.147: disconnected after 42673 seconds.
