Date: Tue, 24 Mar 2009 16:24:17 +0000 (UTC) From: Dave Feustel <dfeustel@mindspring.com> To: Eric Magutu <emagutu@gmail.com> Cc: freebsd-pf@freebsd.org Subject: Re: first firewall with pf Message-ID: <20090324162417.5186D8FC16@mx1.freebsd.org> In-Reply-To: <e9cb8190903240847t547d11b9qe5c670933b49743d@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Tue, Mar 24, 2009 at 06:47:40PM +0300, Eric Magutu wrote: > does the rule to block all other traffic have to be explicitly mentioned? > > On Tue, Mar 24, 2009 at 6:27 PM, Eric Magutu <emagutu@gmail.com> wrote: > > > Thanks I'll change that > > > > > > On Tue, Mar 24, 2009 at 6:20 PM, Glen Barber <glen.j.barber@gmail.com>wrote: > > > >> On Tue, Mar 24, 2009 at 10:47 AM, Eric Magutu <emagutu@gmail.com> wrote: > >> [snip] > >> > > >> > ########################## > >> > #block all other traffic # > >> > ########################## > >> > > >> > # should be last rule > >> > > >> > block in quick on $ext_if all Change this rule to block in on $ex_if all and then make it the first rule. The word 'quick' says don't evaluate any more rules if this matches.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20090324162417.5186D8FC16>