From owner-freebsd-pf@FreeBSD.ORG Wed Feb 28 19:12:02 2007 Return-Path: X-Original-To: freebsd-pf@freebsd.org Delivered-To: freebsd-pf@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 05CF916A402 for ; Wed, 28 Feb 2007 19:12:02 +0000 (UTC) (envelope-from dudu.meyer@gmail.com) Received: from mu-out-0910.google.com (mu-out-0910.google.com [209.85.134.188]) by mx1.freebsd.org (Postfix) with ESMTP id 6490C13C4B5 for ; Wed, 28 Feb 2007 19:12:00 +0000 (UTC) (envelope-from dudu.meyer@gmail.com) Received: by mu-out-0910.google.com with SMTP id g7so219176muf for ; Wed, 28 Feb 2007 11:12:00 -0800 (PST) DKIM-Signature: a=rsa-sha1; c=relaxed/relaxed; d=gmail.com; s=beta; h=domainkey-signature:received:received:message-id:date:from:to:subject:mime-version:content-type:content-transfer-encoding:content-disposition; b=b3qwuelcGk/rI80LQ4176s+Jpx7XKvH856ioSlSadvz0KVTQ8Zx8fX30CDirjg9ANh0ffflRFKhFeXqO7uguz64wVjRnzTftN0Q7BoEAgt05BAAArY/AA+35tN40mrssYfw+WxEvLDLa6ZIrS8Luu/wjDutmY9mepmoShWNcK0g= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=beta; h=received:message-id:date:from:to:subject:mime-version:content-type:content-transfer-encoding:content-disposition; b=liTq89dHs/obVynVNNobRQ+6A++z4I8zaWBkWq+jgVx0YS8u38nW84LXGwws9gjVqhdNqadiLBmO9LOYVJJI/572nJXoU/iem8Z+nlu7skcNPW+6HVnMNADXxiQw/vov9bBrrBJRL65sAuoPyMVfEt7HIL9aXHBZ7fL+C2W/Gbs= Received: by 10.82.163.13 with SMTP id l13mr287944bue.1172689919897; Wed, 28 Feb 2007 11:11:59 -0800 (PST) Received: by 10.82.151.16 with HTTP; Wed, 28 Feb 2007 11:11:59 -0800 (PST) Message-ID: Date: Wed, 28 Feb 2007 16:11:59 -0300 From: "Eduardo Meyer" To: freebsd-pf@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Content-Disposition: inline Subject: flags tcp and abscence of flag X-BeenThere: freebsd-pf@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Technical discussion and general questions about packet filter \(pf\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 28 Feb 2007 19:12:02 -0000 Hello, I need write a PF rule that does what this IPFW rule do: deny log tcp from any to any tcpflags fin,!syn,!rst,!ack in Someone told me to do this: block drop log in quick from any to any flags F/SRA But as far as I read the PF FAQ and man page, this is incorrect. However I did not find a way to to make a rule with absence of a flag, just like the !flag on ipfw. Can someone please convert this simple ipfw rule to of? Thank you. -- =========== Eduardo Meyer pessoal: dudu.meyer@gmail.com profissional: ddm.farmaciap@saude.gov.br