Date: Mon, 3 Nov 2014 14:11:57 -0800
From: Doug Hardie <bc979@lafn.org>
To: Dave Horsfall <dave@horsfall.org>
Cc: FreeBSD PF List <freebsd-pf@freebsd.org>
Subject: Re: Getting tables to work in PF
Message-ID: <BD387CA3-84BE-4BA1-8943-BD77539D8E08@lafn.org>
In-Reply-To: <alpine.BSF.2.00.1411032123560.1220@aneurin.horsfall.org>
References: <alpine.BSF.2.00.1411031433070.1220@aneurin.horsfall.org>
 <CAPBZQG2b7=iiGLsj-vtuiaWRUJ-Gk6n9JwCXxVjCMeVEqsuing@mail.gmail.com>
 <alpine.BSF.2.00.1411032002560.1220@aneurin.horsfall.org>
 <CAPBZQG2DKNGSGRNu8%2BMAdEtyH5vj85dpxRUY2kMwDOZ44f7PJA@mail.gmail.com>
 <alpine.BSF.2.00.1411032123560.1220@aneurin.horsfall.org>

> On 3 November 2014, at 02:40, Dave Horsfall <dave@horsfall.org> wrote:
>
> On Mon, 3 Nov 2014, Ermal Luçi wrote:
>
>> - Full ruleset if you can disclose
>
> As attached - no secrets in it. It's somewhat loose because it's behind
> another firewall (the ADSL modem) that just lets SMTP/HTTP/SSH-secret-port
> through to it (I've masked the SSH port).
>
>> - Make sure with output of pfctl -s all that pf is actually enabled to
>> do filtering on packets.
>
> Attached; the empty "FILTER RULES" looks a bit suspicious...
>
>> NOTE: You enable pf by running pfctl -e
>
> I know; I was using "service pf restart" as well.

What happens when you run:

pfctl -f /etc/pf.conf

I suspect you have something in /etc/rc.conf giving a different file for
the default pf config file. Your pf.conf file has a bunch of rules,
none of which are shown in the pfctl output.
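
Added example, not part of the original message or of FreeBSD itself: a POSIX sh check for the mismatch suspected above, resolving which ruleset file the rc.conf chain selects through pf_rules and whether pf_enable is set. The sample rc.conf fragments and the path /usr/local/etc/pf.rules are constructed for illustration.

```sh
#!/bin/sh
# rc.conf files are shell fragments sourced in order, so the last assignment wins.
# Only point this at root-owned rc.conf files: sourcing executes their contents.

# effective_rc_var VAR FILE...: print VAR after sourcing each readable FILE in order.
effective_rc_var() {
    _var=$1; shift
    (
        for _f in "$@"; do
            [ -r "$_f" ] && . "$_f"
        done
        eval "printf '%s\n' \"\${$_var}\""
    )
}

# check_pf_config EDITED FILE...: compare the ruleset being edited with what rc selects.
# Returns 0 on match, 1 if rc loads a different file, 2 if pf is not enabled in rc.
check_pf_config() {
    _edited=$1; shift
    _enable=$(effective_rc_var pf_enable "$@")
    _rules=$(effective_rc_var pf_rules "$@")
    case "$_enable" in
        [Yy][Ee][Ss]|[Tt][Rr][Uu][Ee]|[Oo][Nn]|1) ;;
        *) echo "pf_enable=${_enable:-unset}: rc will not start pf"; return 2 ;;
    esac
    if [ "$_rules" != "$_edited" ]; then
        echo "rc loads '$_rules', not '$_edited'"
        return 1
    fi
    echo "rc loads '$_edited'"
}

# Constructed sample: defaults name /etc/pf.conf, a later file overrides pf_rules.
make_sample() {
    _d=$(mktemp -d)
    printf 'pf_enable="NO"\npf_rules="/etc/pf.conf"\n' > "$_d/defaults"
    printf 'pf_enable="YES"\npf_rules="/usr/local/etc/pf.rules"\n' > "$_d/rc.conf"
    echo "$_d"
}

d=$(make_sample)
check_pf_config /etc/pf.conf "$d/defaults" "$d/rc.conf" || true
rm -rf "$d"
```

On a FreeBSD host the files to pass are /etc/defaults/rc.conf, /etc/rc.conf and /etc/rc.conf.local, in that order; "pfctl -nf <file>" then parses the selected ruleset without loading it, and "pfctl -sr" shows what is actually loaded.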