Date: Fri, 9 May 2008 16:55:23 +0400 From: "Igor A. Valcov" <viaprog@gmail.com> To: freebsd-hackers@freebsd.org Subject: do not work nested unnamed anchor Message-ID: <bde600590805090555u4554855cib5d629140a874c0d@mail.gmail.com>
next in thread | raw e-mail | index | archive | help
Hello.
For example:
==== pf.conf ====
ext_if="xl0"
ip_world="nn.nn.nn.nn"
# Filter rules
block log all
anchor in on $ext_if {
pass quick proto tcp to $ip_world port 22 keep state
# SSH
pass quick proto tcp to $ip_world port 25 keep state
# SMTP
pass quick proto tcp to $ip_world port 110 keep state
# POP3
anchor {
pass quick proto tcp to $ip_world port 995 keep state
# POP3S
}
}
============
nmap results:
PORT STATE SERVICE VERSION
22/tcp open ssh OpenSSH 4.5p1 (FreeBSD 20061110; protocol 2.0)
25/tcp open smtp?
110/tcp open pop3 Openwall popa3d
I can not understand what the problem...
FreeBSD-7.0-RELEASE-p1
i386
--
Igor A. Valcov
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bde600590805090555u4554855cib5d629140a874c0d>