first firewall with pf
Glen Barber
glen.j.barber at gmail.com
Tue Mar 24 08:44:47 PDT 2009
On Tue, Mar 24, 2009 at 10:47 AM, Eric Magutu <emagutu at gmail.com> wrote:
[snip]
>
> ##########################
> #block all other traffic #
> ##########################
>
> # should be last rule
>
> block in quick on $ext_if all
>
>
This should not be the last rule. PF implements the rules in a
top-down fashion, where the last rule always wins. Without actually
loading this ruleset on my own system, it appears this rule will block
all incoming / outgoing traffic completely.
This rule should be placed above all of your 'pass' rules.
--
Glen Barber
More information about the freebsd-pf
mailing list