From owner-freebsd-pf@FreeBSD.ORG Mon Mar 28 03:58:22 2011 Return-Path: Delivered-To: freebsd-pf@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 3D343106566C for ; Mon, 28 Mar 2011 03:58:22 +0000 (UTC) (envelope-from vilem.kebrt@gmail.com) Received: from mail-bw0-f54.google.com (mail-bw0-f54.google.com [209.85.214.54]) by mx1.freebsd.org (Postfix) with ESMTP id BA3BD8FC0C for ; Mon, 28 Mar 2011 03:58:21 +0000 (UTC) Received: by bwz12 with SMTP id 12so2742721bwz.13 for ; Sun, 27 Mar 2011 20:58:20 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:message-id:date:from:user-agent:mime-version:to :subject:references:in-reply-to:content-type :content-transfer-encoding; bh=w5Kcw13wHEObP2dFvfoTPgNfrJt8cgHTk8hoP5az3uE=; b=E+4ApXmYRlHeczRG8D8WI/bRQalOl2sVIFjfpyBz/0uLlPT3DpyKl/Fw6xxPwvpABs 2YJz7wj1840CvGmWFxOl3g78gHNL+FjYSiXel6Fsjj9n1xBzEtisqlUtXDtYcENeltko 2Ofy52UQLqjP/YxSpIrVaFJb7vko5+cmkQoTI= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=message-id:date:from:user-agent:mime-version:to:subject:references :in-reply-to:content-type:content-transfer-encoding; b=j6kj7rFNJjsm/xc//UBAaRnbvNqtcUBVXQnn93KNdrMbyKYEa8fAF4yPrf9I2bIa3k r+qqsC9kh5M9wvpxc/CaOV/41CVAdks0oi8PMsdozrs/DisR9FqGpl3Dxt0kHk3Ddh6g xnPEWJHMynWuzwYwElbZ9MIeM1anNyFI9utnM= Received: by 10.204.57.135 with SMTP id c7mr3058356bkh.88.1301284700548; Sun, 27 Mar 2011 20:58:20 -0700 (PDT) Received: from [192.168.133.10] (ip-89-103-9-22.net.upcbroadband.cz [89.103.9.22]) by mx.google.com with ESMTPS id b6sm2329792bkb.10.2011.03.27.20.58.19 (version=SSLv3 cipher=OTHER); Sun, 27 Mar 2011 20:58:19 -0700 (PDT) Message-ID: <4D90075A.3030300@gmail.com> Date: Mon, 28 Mar 2011 05:58:18 +0200 From: Vilem Kebrt User-Agent: Mozilla/5.0 (X11; U; Linux x86_64; en-US; rv:1.9.2.14) Gecko/20110223 Thunderbird/3.1.8 MIME-Version: 1.0 To: freebsd-pf@freebsd.org References: <4D8E11CB.2070501@eskk.nu> In-Reply-To: <4D8E11CB.2070501@eskk.nu> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Subject: Re: Lost in rules! X-BeenThere: freebsd-pf@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Technical discussion and general questions about packet filter \(pf\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 28 Mar 2011 03:58:22 -0000 Dne 26.3.2011 17:18, Leslie Jensen napsal(a): > block drop in log quick proto ipv6 all > > block drop out log quick proto ipv6 all Hi Leslie, imho these rules will "drop random everything" , definition of ipv6 in PF is inet6 :) and they are quick so no other rules aply. block drop in on $ext_if inet6 all block drop out on $ext_if inet6 all should be these rules i think. William