Date: Sat, 11 Mar 2006 23:49:56 -0500
From: "Jacob, Raymond A Jr" <raymond.jacob@navy.mil>
To: <freebsd-pf@freebsd.org>
Subject: RE: Two(2) questions regarding quick and adding rules later.
Message-ID: <653C8E7D21FB654997909E77C691053F45B0E7@NAEAWNYDEX21VA.nadsusea.nads.navy.mil>
So you are saying if I have just one quick statement the last rule matching i.e. block log all wins?

Thank you,
Raymond

-----Original Message-----
From: Greg Hennessy [mailto:Greg.Hennessy@nviz.net]
Sent: Saturday, March 11, 2006 4:38
To: Jacob, Raymond A Jr; freebsd-pf@freebsd.org
Subject: RE: Two(2) questions regarding quick and adding rules later.

>
> All traffic blocked unless I use quick.
> tcpdump -n -e -ttt -r /var/log/pflog
> showed traffic was blocked by the last rule unless I added
> quick to pass rules.
> I thought the matching rules would have overridden the block rule?

If you don't use quick, the last matching rule wins.

Make the very 1st rule

block log all

And delete any non specific blocks further down.

Greg
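
The evaluation order discussed in this thread, as an added example that is not part of either message: a simplified Python model of pf's rule matching (the last matching rule wins, and quick stops evaluation at the first match) run over three constructed rulesets. The Rule class, the evaluate function and the port numbers are assumptions for illustration; real pf matches on many more fields.

```python
from dataclasses import dataclass
from typing import List, Optional, Tuple


@dataclass
class Rule:
    action: str                   # "pass" or "block"
    proto: Optional[str] = None   # None models "all" (any protocol)
    port: Optional[int] = None    # None models any destination port
    quick: bool = False

    def matches(self, proto: str, port: int) -> bool:
        return self.proto in (None, proto) and self.port in (None, port)


def evaluate(rules: List[Rule], proto: str, port: int) -> Tuple[str, Optional[int]]:
    """Return (action, index of the deciding rule) for one packet."""
    verdict = ("pass", None)      # pf passes a packet that no rule matches
    for index, rule in enumerate(rules):
        if rule.matches(proto, port):
            verdict = (rule.action, index)   # a later match overrides an earlier one
            if rule.quick:
                break                        # quick: stop here, this rule decides
    return verdict


# Constructed rulesets (ports 22 and 80 are sample values).
# 1. Pass rules first, catch-all block last, no quick: the block always wins.
BLOCK_LAST = [Rule("pass", "tcp", 22), Rule("pass", "tcp", 80), Rule("block")]
# 2. Same order, but quick on the pass rules: they decide before the block is reached.
BLOCK_LAST_QUICK = [Rule("pass", "tcp", 22, quick=True),
                    Rule("pass", "tcp", 80, quick=True),
                    Rule("block")]
# 3. Catch-all block first, specific pass rules after it, no quick needed.
BLOCK_FIRST = [Rule("block"), Rule("pass", "tcp", 22), Rule("pass", "tcp", 80)]

if __name__ == "__main__":
    for name, rules in (("block last", BLOCK_LAST),
                        ("block last + quick", BLOCK_LAST_QUICK),
                        ("block first", BLOCK_FIRST)):
        for port in (22, 80, 25):
            action, index = evaluate(rules, "tcp", port)
            print(f"{name:20} tcp/{port:<3} -> {action} (rule {index})")
```
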
