first firewall with pf
Eric Magutu
emagutu at gmail.com
Tue Mar 24 08:27:51 PDT 2009
Thanks I'll change that
On Tue, Mar 24, 2009 at 6:20 PM, Glen Barber <glen.j.barber at gmail.com>wrote:
> On Tue, Mar 24, 2009 at 10:47 AM, Eric Magutu <emagutu at gmail.com> wrote:
> [snip]
> >
> > ##########################
> > #block all other traffic #
> > ##########################
> >
> > # should be last rule
> >
> > block in quick on $ext_if all
> >
> >
>
> This should not be the last rule. PF implements the rules in a
> top-down fashion, where the last rule always wins. Without actually
> loading this ruleset on my own system, it appears this rule will block
> all incoming / outgoing traffic completely.
>
> This rule should be placed above all of your 'pass' rules.
>
>
> --
> Glen Barber
>
--
Regards,
Eric Magutu
More information about the freebsd-pf
mailing list