Getting tables to work in PF
Doug Hardie
bc979 at lafn.org
Mon Nov 3 22:34:24 UTC 2014
> On 3 November 2014, at 02:40, Dave Horsfall <dave at horsfall.org> wrote:
>
> On Mon, 3 Nov 2014, Ermal Luçi wrote:
>
>> - Full ruleset if you can disclose
>
> As attached - no secrets in it. It's somewhat loose because it's behind
> another firewall (the ADSL modem) that just lets SMTP/HTTP/SSH-secret-port
> through to it (I've masked the SSH port).
>
>> - Make sure with output of pfctl -s all that pf is actually enabled to
>> do filtering on packets.
>
> Attached; the empty "FILTER RULES" looks a bit suspicious...
>
>> NOTE: You enable pf by running pfctl -e
>
> I know; I was using "service pf restart" as well.

What happens when you run: pfctl -f /etc/pf.conf

I suspect you have something in /etc/rc.conf giving a different file for the default pf config file. Your pf.conf file has a bunch of rules, none of which are shown in the pfctl output.
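
An added example, not part of the original message: a small shell helper that resolves which ruleset file the rc script would load, so it can be compared with the file that was edited. It assumes the standard FreeBSD rc.conf variable pf_rules with its default of /etc/pf.conf; the function name and the sample rc.conf contents are constructed for illustration.

```shell
#!/bin/sh
# Added example: find the pf ruleset path that rc.conf-style files select.
# Assumption: rc(8) reads the files in the order given and the last
# pf_rules= assignment wins; with no assignment the default is /etc/pf.conf.

effective_pf_rules() {
    result="/etc/pf.conf"
    for f in "$@"; do
        [ -r "$f" ] || continue
        # Take uncommented pf_rules= lines, strip optional quotes and
        # any trailing comment, and keep the last one in this file.
        v=$(sed -n 's/^[[:space:]]*pf_rules=["'\'']\{0,1\}\([^"'\''#[:space:]]*\).*/\1/p' "$f" | tail -n 1)
        if [ -n "$v" ]; then
            result="$v"
        fi
    done
    printf '%s\n' "$result"
}

# Demo on a constructed rc.conf (not taken from the thread).
demo_dir=$(mktemp -d)
cat > "$demo_dir/rc.conf" <<'EOF'
pf_enable="YES"
#pf_rules="/etc/pf.conf.old"
pf_rules="/usr/local/etc/pf.test.conf"   # constructed override
EOF

loaded=$(effective_pf_rules "$demo_dir/rc.conf")
edited="/etc/pf.conf"
if [ "$loaded" != "$edited" ]; then
    echo "rc loads $loaded, but the rules were edited in $edited"
fi
rm -rf "$demo_dir"

# On a real host the files to pass would be:
#   effective_pf_rules /etc/rc.conf /etc/rc.conf.local
# followed by: pfctl -f <that path> && pfctl -sr
```

If the path printed differs from the file holding the rules, "service pf restart" loads the other file, which would match an empty FILTER RULES section in the pfctl output.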

More information about the freebsd-pf mailing list