Date: Mon, 6 Jun 2005 23:43:23 -0700 From: Matt Rechkemmer <tiberius@trancell.org> To: questions@freebsd.org Subject: pf block question Message-ID: <20050607064323.GA29038@sdf.lonestar.org>
next in thread | raw e-mail | index | archive | help
So, at the very top of my pf "filter" rules, I have these rules: block drop in quick on fxp0 inet proto icmp from 1.3.3.7 to any block drop in quick on fxp0 inet proto tcp from 1.3.3.7 to any 1.3.3.7 is a made up IP address ;-). Even with this rule present, pf allows traffic from the IP through. I guess I'm a bit confused as to why it isn't being dropped. Since it has the "quick" keyword, shouldn't that take precedence over all other filter rules? Any ideas? -- Matt Rechkemmer tiberius@trancell.org
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20050607064323.GA29038>