Hello,
Yes, it loaded properly. Yes, I had missed the macro for the external
NIC; it is included in the original ruleset. t_externa = fxp0
This is the result for pfctl -sr:
match in all scrub (no-df)
block drop all
pass out all flags S/SA keep state
pass out quick on fxp0 inet proto tcp from
Why are you doing from any to (fxp0) ? That's your problem. Change all
the rules like that to from any to any since you're already putting
the rule on that interface and it should fix you up. As long as you're
not redirecting you can turn logging on specific rules and see why
they're blocking
On 04/22/10 18:22, Allie Daneman wrote:
Why are you doing from any to (fxp0) ? That's your problem. Change all
I fail to see why that would cause any issues. Care to elaborate?
/Alexander
the rules like that to from any to any since you're already putting
the rule on that interface and it
Hello,
That solved the issue, but I have about 20 rulesets that have the same
syntax. I don't see anything yet also about this.
Please elaborate.
Andres
On Thu, Apr 22, 2010 at 3:59 PM, Alexander Hall alexan...@beard.se wrote:
On 04/22/10 18:22, Allie Daneman wrote:
Why are you doing from any
Hello all.
I have a ruleset where I am explicitly allowing incoming connections
on port 22.. (default is block log all) .. for some weird reason
they are getting blocked
log says: Apr 21 17:09:49.105052 rule 1/(match) block in on fxp0:
my.client.ip.here.54711 my.server.ip.here.22: S
## Traffic IN
pass in log quick on $t_externa inet proto { tcp, udp } from any to ($t_externa) \
    port { 22 8080 } keep state
In your pf configuration it doesn't show where you actually define the
macro for your interface $t_externa.
Are you sure the rules you run are