From owner-freebsd-questions@FreeBSD.ORG  Tue Jun  7 10:50:36 2005
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
X-Original-To: freebsd-questions@freebsd.org
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 9B22516A41C
	for <freebsd-questions@freebsd.org>;
	Tue,  7 Jun 2005 10:50:36 +0000 (GMT)
	(envelope-from keramida@ceid.upatras.gr)
Received: from kane.otenet.gr (kane.otenet.gr [195.170.0.95])
	by mx1.FreeBSD.org (Postfix) with ESMTP id E722243D55
	for <freebsd-questions@freebsd.org>;
	Tue,  7 Jun 2005 10:50:34 +0000 (GMT)
	(envelope-from keramida@ceid.upatras.gr)
Received: from orion.daedalusnetworks.priv (aris.bedc.ondsl.gr [62.103.39.226])
	by kane.otenet.gr (8.13.4/8.13.4/Debian-1) with SMTP id j57AoUfl031321; 
	Tue, 7 Jun 2005 13:50:31 +0300
Received: from orion.daedalusnetworks.priv (orion [127.0.0.1])
	by orion.daedalusnetworks.priv (8.13.3/8.13.3) with ESMTP id
	j57AoUHE050046; Tue, 7 Jun 2005 13:50:30 +0300 (EEST)
	(envelope-from keramida@ceid.upatras.gr)
Received: (from keramida@localhost)
	by orion.daedalusnetworks.priv (8.13.3/8.13.3/Submit) id j57AoUKL050039;
	Tue, 7 Jun 2005 13:50:30 +0300 (EEST)
	(envelope-from keramida@ceid.upatras.gr)
Date: Tue, 7 Jun 2005 13:50:30 +0300
From: Giorgos Keramidas <keramida@ceid.upatras.gr>
To: Matt Rechkemmer <tiberius@trancell.org>
Message-ID: <20050607105030.GA44218@orion.daedalusnetworks.priv>
References: <20050607064323.GA29038@sdf.lonestar.org>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <20050607064323.GA29038@sdf.lonestar.org>
Cc: freebsd-questions@freebsd.org
Subject: Re: pf block question
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Tue, 07 Jun 2005 10:50:36 -0000

On 2005-06-06 23:43, Matt Rechkemmer <tiberius@trancell.org> wrote:
> So, at the very top of my pf "filter" rules, I have these rules:
>
> block drop in quick on fxp0 inet proto icmp from 1.3.3.7 to any
> block drop in quick on fxp0 inet proto tcp from 1.3.3.7 to any
>
> 1.3.3.7 is a made up IP address ;-).  Even with this rule present, pf allows
> traffic from the IP through.  I guess I'm a bit confused as to why it isn't
> being dropped.  Since it has the "quick" keyword, shouldn't that take
> precedence over all other filter rules?

We'd have to see the entire ruleset and a tcpdump of traffic that passes
through to know what's wrong.

- Giorgos