From owner-freebsd-pf@FreeBSD.ORG Fri Jan 28 15:25:28 2011 Return-Path: Delivered-To: freebsd-pf@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id AB666106567A for ; Fri, 28 Jan 2011 15:25:28 +0000 (UTC) (envelope-from mlmichael70@gmail.com) Received: from mail-ww0-f42.google.com (mail-ww0-f42.google.com [74.125.82.42]) by mx1.freebsd.org (Postfix) with ESMTP id 3B3628FC1A for ; Fri, 28 Jan 2011 15:25:27 +0000 (UTC) Received: by wwi17 with SMTP id 17so1116800wwi.1 for ; Fri, 28 Jan 2011 07:25:27 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:message-id:date:from:user-agent:mime-version:to :cc:subject:references:in-reply-to:content-type :content-transfer-encoding; bh=C3PnlDydypry0BVuWe2tIv8XYlZDYP/UCRIoYsyQ67Q=; b=iubbcRO/+Q5W5ihrwmdsGNiVyJ/rn2PQbkGR9edU3xDuiPnjGMy/a48pZbBPYsyFpQ JXKheb/cYQbOSMjnIDC5d0yC42ZWmigy6BvOQIKOUsRuhjGP2GrqcBUJxfS3mq5uXO0P RgzVpLmRNoi4m2eXNMNv7RRPjHGmnI3hZIKrI= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=message-id:date:from:user-agent:mime-version:to:cc:subject :references:in-reply-to:content-type:content-transfer-encoding; b=KvHz/SV5Jl6oD7rAtbf8cTKsBfLDFi/Im0RL6dUg288Fmlgbi4aKn3wJWv5gFPDvcU p2z4FZuO0b51Psx4iqH7sn7HxZQYWxijTHs23EJ2pRwC9L6hZKMojPl2LwJ4Ur4PHY4T JfGAnM+lP4kbrBlKP9PqFEbHf4xCYEj+lC2h0= Received: by 10.227.138.15 with SMTP id y15mr2785773wbt.186.1296228327174; Fri, 28 Jan 2011 07:25:27 -0800 (PST) Received: from prime.nonspace ([82.132.211.68]) by mx.google.com with ESMTPS id f27sm1902575wbf.7.2011.01.28.07.25.24 (version=SSLv3 cipher=RC4-MD5); Fri, 28 Jan 2011 07:25:25 -0800 (PST) Message-ID: <4D42DFEA.3020003@gmail.com> Date: Fri, 28 Jan 2011 15:25:30 +0000 From: Michael User-Agent: Mozilla/5.0 (X11; U; FreeBSD amd64; en-US; rv:1.9.2.13) Gecko/20101215 Thunderbird/3.1.7 MIME-Version: 1.0 To: Greg Hennessy References: <4D428A38.8000609@gmail.com> <9E8D76EC267C9444AC737F649CBBAD9027BC4023C4@PEMEXMBXVS02.jellyfishnet.co.uk.local> In-Reply-To: <9E8D76EC267C9444AC737F649CBBAD9027BC4023C4@PEMEXMBXVS02.jellyfishnet.co.uk.local> Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 7bit Cc: "freebsd-pf@freebsd.org" Subject: Re: why "block quick on wlan0" doesn't stop DHCP? X-BeenThere: freebsd-pf@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Technical discussion and general questions about packet filter \(pf\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 28 Jan 2011 15:25:28 -0000 On 28/01/2011 09:47, Greg Hennessy wrote: > > IIRC BPF sees all traffic before PF. DHCP hooks at the BPF layer, so it'll be serviced before any filtering policy applies. > Now that's not cool man.. ;) So is it like there's nothing I can do about it? Thanks a lot for your explanation, I was not aware of that. Michael