Date: Fri, 8 Nov 2013 14:41:56 +0100
From: claudiu vasadi <claudiu.vasadi@gmail.com>
To: "freebsd-pf@freebsd.org" <freebsd-pf@freebsd.org>
Subject: FreeBSD 9.1-STABLE - pf rule being ignored
Message-ID: <CAM-i3ihX43UxmrM-ThOP=nK2qr=jMpzab-zB7o_x--C2eDWUKg@mail.gmail.com>

Hi all,

I have a 9.1-STABLE r251615 acting as a firewall. The rules:

    block in all
    pass out all keep state
    [...]
    block return from !$internal_ip to $external_ip

What I want is to block all the network except $internal from accessing $external_ip. For some reason, the above rule simply does not work. However, the below does work and blocks everyone except $internal_ip:

    block return from $internal_net/24 to $external_ip
    pass from $internal_ip to $external_ip

Why is this? I remember reading the docs for OpenBSD 4.5 and I guess it should work like in the first example.

PS: Yes, I can see the rule with pfctl -sr and it does translate properly.

--
Best regards,
Claudiu Vasadi