Getting tables to work in PF

Ermal Luçi eri at freebsd.org
Mon Nov 3 10:04:05 UTC 2014


On Mon, Nov 3, 2014 at 10:13 AM, Dave Horsfall <dave at horsfall.org> wrote:

> On Mon, 3 Nov 2014, Ermal Luçi wrote:
>
> > Probably you forgot to clear the states!
>
> I was under the impression that "state" applied to "keep state" i.e.
> outgoing connections.
>
> Nonetheless:
>
>     aneurin# pfctl -s state
>     No ALTQ support in kernel
>     ALTQ related functions disabled
>     aneurin# pfctl -F s
>     No ALTQ support in kernel
>     ALTQ related functions disabled
>     0 states cleared
>     aneurin#
>

Well, there are two things needed from your side:
- Full ruleset, if you can disclose it
- Make sure with the output of pfctl -s all that pf is actually enabled to do
filtering on packets.

NOTE: You enable pf by running pfctl -e


>
> Still not blocking, and still not logging any such blocks.  Got a working
> example that I can use?
>
> Do remember that I even blocked all incoming SMTP as a test, hence my
> question as to whether PF was actually working here.
>
> Also don't forget my other observation that <spammers> wasn't created
> until I did so by hand.
>
> --
> Dave Horsfall (VK2KFU)  "Bliss is a MacBook with a FreeBSD server."
> http://www.horsfall.org/spam.html (and check the home page whilst you're
> there)



-- 
Ermal
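
A way to script the two checks discussed in this thread (is pf enabled, and is the <spammers> table loaded and referenced by a rule), as an added example that is not part of the original message. The function names, the sample captures and the em0 interface are constructed for illustration.

```sh
#!/bin/sh
# Added example: offline triage of captured pfctl output.
# Live use (as root), folding stderr in so the ALTQ notices are tolerated:
#   diagnose spammers "$(pfctl -s info 2>&1)" "$(pfctl -s Tables 2>&1)" \
#                     "$(pfctl -s rules 2>&1)"

# pf_enabled: stdin is `pfctl -s info` output; succeeds only on "Status: Enabled".
pf_enabled() {
    awk '$1 == "Status:" { seen = 1; on = ($2 == "Enabled") }
         END { exit !(seen && on) }'
}

# table_defined NAME: stdin is `pfctl -s Tables` output (one table name per line).
table_defined() { grep -qxF -- "$1"; }

# table_used NAME: stdin is `pfctl -s rules` output; looks for a <NAME> reference.
table_used() { grep -qF -- "<$1>"; }

# diagnose NAME INFO TABLES RULES: prints "ok" or a space-separated list of findings.
diagnose() {
    name=$1 findings=""
    printf '%s\n' "$2" | pf_enabled            || findings="pf-disabled"
    printf '%s\n' "$3" | table_defined "$name" || findings="${findings:+$findings }table-missing"
    printf '%s\n' "$4" | table_used "$name"    || findings="${findings:+$findings }table-unused"
    echo "${findings:-ok}"
}

# Constructed sample captures (not taken from the poster's machine).
SAMPLE_INFO_ENABLED='No ALTQ support in kernel
ALTQ related functions disabled
Status: Enabled for 0 days 00:12:41           Debug: Urgent'
SAMPLE_INFO_DISABLED='Status: Disabled                              Debug: Urgent'
SAMPLE_TABLES='spammers'
SAMPLE_RULES='block drop in log quick on em0 from <spammers> to any'

diagnose spammers "$SAMPLE_INFO_ENABLED" "$SAMPLE_TABLES" "$SAMPLE_RULES"
```

A "pf-disabled" finding corresponds to the case the NOTE above addresses with pfctl -e.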

