first firewall with pf

Eric Magutu emagutu at gmail.com
Tue Mar 24 08:47:45 PDT 2009


Does the rule to block all other traffic have to be explicitly mentioned?

On Tue, Mar 24, 2009 at 6:27 PM, Eric Magutu <emagutu at gmail.com> wrote:

> Thanks, I'll change that
>
>
> On Tue, Mar 24, 2009 at 6:20 PM, Glen Barber <glen.j.barber at gmail.com> wrote:
>
>> On Tue, Mar 24, 2009 at 10:47 AM, Eric Magutu <emagutu at gmail.com> wrote:
>> [snip]
>> >
>> > ##########################
>> > #block all other traffic #
>> > ##########################
>> >
>> > # should be last rule
>> >
>> > block in quick on $ext_if all
>> >
>> >
>>
>> This should not be the last rule.  PF implements the rules in a
>> top-down fashion, where the last rule always wins.  Without actually
>> loading this ruleset on my own system, it appears this rule will block
>> all incoming / outgoing traffic completely.
>>
>> This rule should be placed above all of your 'pass' rules.
>>
>>
>> --
>> Glen Barber
>>
>
>
>
> --
> Regards,
> Eric Magutu
>
>


-- 
Regards,
Eric Magutu
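
Added example, not part of the original thread and not pf code: a small Python model of how pf evaluates filter rules, showing why the position of the block rule matters and what happens when no block rule is present. It models the documented behaviour that the last matching rule decides, that `quick` stops evaluation at the first match carrying it, and that a packet matching no rule is passed. The `Rule`/`Packet` types and all rulesets are constructed for illustration (the ruleset in the thread was snipped), and interfaces, addresses and state are left out of the model.

```python
# Simplified model of pf filter-rule evaluation (constructed example, not pf code).
from typing import NamedTuple, Optional


class Rule(NamedTuple):
    action: str                   # "pass" or "block"
    direction: str                # "in" or "out"
    port: Optional[int] = None    # None matches any destination port ("all")
    quick: bool = False


class Packet(NamedTuple):
    direction: str
    port: int


def evaluate(rules, pkt):
    """Return the verdict this evaluation order gives the packet."""
    verdict = "pass"              # pf's implicit default when nothing matches
    for rule in rules:
        if rule.direction != pkt.direction:
            continue
        if rule.port is not None and rule.port != pkt.port:
            continue
        verdict = rule.action     # a later match overwrites an earlier one
        if rule.quick:            # 'quick' ends evaluation at this rule
            break
    return verdict


# Constructed rulesets: the same two pass rules, block rule in different places.
PASS_RULES = [Rule("pass", "in", 22), Rule("pass", "in", 80)]
BLOCK_LAST = PASS_RULES + [Rule("block", "in", quick=True)]  # block-all as final rule
BLOCK_FIRST = [Rule("block", "in")] + PASS_RULES             # default deny, then exceptions
NO_BLOCK = PASS_RULES                                        # no explicit block rule


def verdicts(rules):
    """Verdicts for inbound SSH (22), HTTP (80) and an unlisted port (23)."""
    return [evaluate(rules, Packet("in", p)) for p in (22, 80, 23)]


if __name__ == "__main__":
    for name, rs in (("block last", BLOCK_LAST),
                     ("block first", BLOCK_FIRST),
                     ("no block", NO_BLOCK)):
        print(f"{name:12} {verdicts(rs)}")
```

In the `NO_BLOCK` case the unlisted port is passed, so a default-deny policy only exists when the block rule is written out.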


More information about the freebsd-pf mailing list