Date:      Fri, 25 Dec 2009 08:13:02 -0800 (PST)
From:      Dánielisz László <laszlo_danielisz@yahoo.com>
To:        Anh Ky Huynh <kyanh@viettug.org>
Cc:        freebsd-pf@freebsd.org
Subject:   Re: pf vs. afp
Message-ID:  <151838.29532.qm@web30804.mail.mud.yahoo.com>
In-Reply-To: <20091225200624.0a19fa55@icy.localdomain>
References:  <899286.55058.qm@web30806.mail.mud.yahoo.com> <20091225200624.0a19fa55@icy.localdomain>


I am using "($int_if)" for ports 22 and 80 too, and they are working like a charm.
This is how I defined it in my pf.conf:
int_if="rl0"

Right now I cannot try it, but when I'm able to I'll try your idea and then I will let you know how it works.

Thank you!



________________________________
From: Anh Ky Huynh <kyanh@viettug.org>
To: Dánielisz László <laszlo_danielisz@yahoo.com>
Cc: freebsd-pf@freebsd.org
Sent: Fri, December 25, 2009 2:06:24 PM
Subject: Re: pf vs. afp

On Fri, 25 Dec 2009 04:33:03 -0800 (PST)
Dánielisz László <laszlo_danielisz@yahoo.com> wrote:

> Hello,
> 
> I've been struggling for a while with how to deal with afp/netatalk
> passing through my pf rules. If I disable pf everything is working
> great (but I still do want a firewall on my server). I tried the
> following rule but it still doesn't let me in:
> 
> pass in log on $int_if inet proto { tcp, udp } from $localnet to
> ($int_if) port=548  flags S/SA keep state

I think the problem is "($int_if)". You should use, e.g.,

    from $localnet to 192.168.1.123

> When I try a telnet on port 548 I got "Operation timed out", in
> pflog I can see that my Mac tries to connect but I have no clue why
> it can't when the corresponding port is open, do you have any idea?

Regards,

-- 
Anh Ky Huynh





