Date: Sat, 11 Mar 2006 23:49:56 -0500
From: "Jacob, Raymond A Jr" <raymond.jacob@navy.mil>
To: <freebsd-pf@freebsd.org>
Subject: RE: Two(2) questions regarding quick and adding rules later.
Message-ID: <653C8E7D21FB654997909E77C691053F45B0E7@NAEAWNYDEX21VA.nadsusea.nads.navy.mil>

So you are saying if I have just one quick statement the last rule matching i.e. block log all wins?

Thank you,
Raymond

-----Original Message-----
From: Greg Hennessy [mailto:Greg.Hennessy@nviz.net]
Sent: Saturday, March 11, 2006 4:38
To: Jacob, Raymond A Jr; freebsd-pf@freebsd.org
Subject: RE: Two(2) questions regarding quick and adding rules later.

>
> All traffic blocked unless I use quick.
> tcpdump -n -e -ttt -r /var/log/pflog
> showed traffic was blocked by the last rule unless I added
> quick to pass rules.
> I thought the matching rules would have overridden the block rule?

If you don't use quick, the last matching rule wins.

Make the very 1st rule

block log all

And delete any non specific blocks further down.

Greg
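
The evaluation order discussed in this thread, as an added example that is not part of either message and is not pf's own code: a small Python model of "last matching rule wins unless quick", run over three constructed rulesets. The `Rule` type, the `evaluate` function and the rule texts are hypothetical, and the model matches on destination port only (interface, direction and state are ignored).

```python
from typing import NamedTuple, Optional


class Rule(NamedTuple):
    action: str           # "pass" or "block"
    port: Optional[int]   # destination port; None stands for "all"
    quick: bool = False
    text: str = ""        # the pf.conf line this entry stands for


def evaluate(rules, dst_port):
    """Return (action, rule_text) for a packet to dst_port.

    Every rule is checked in order and the last match wins; a matching
    rule marked quick ends evaluation immediately. With no matching rule
    at all, pf passes the packet.
    """
    verdict = ("pass", "(no rule matched: implicit pass)")
    for rule in rules:
        if rule.port is not None and rule.port != dst_port:
            continue                  # rule does not match this packet
        verdict = (rule.action, rule.text)
        if rule.quick:
            break                     # quick: stop at this match
    return verdict


# Constructed rulesets (not taken from the thread).
# 1) Block rule last, pass rule without quick: the block always wins.
BLOCK_LAST = [
    Rule("pass", 22, text="pass in proto tcp to port 22"),
    Rule("block", None, text="block log all"),
]
# 2) Same order, but quick on the pass rule short-circuits the block.
BLOCK_LAST_QUICK = [
    Rule("pass", 22, quick=True, text="pass in quick proto tcp to port 22"),
    Rule("block", None, text="block log all"),
]
# 3) Default-deny first, specific pass rules after it, no quick needed.
BLOCK_FIRST = [
    Rule("block", None, text="block log all"),
    Rule("pass", 22, text="pass in proto tcp to port 22"),
]

if __name__ == "__main__":
    for name, rs in [("block last", BLOCK_LAST),
                     ("block last + quick", BLOCK_LAST_QUICK),
                     ("block first", BLOCK_FIRST)]:
        for port in (22, 80):
            print(f"{name:20} port {port:<3} -> {evaluate(rs, port)}")
```
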