pkg slow down a lot with simple firewall.
Doug Hardie
bc979 at lafn.org
Wed May 27 21:24:43 UTC 2020
> On 27 May 2020, at 14:16, Donald Mickunas <dmickunas1954 at fastmail.com> wrote:
>
> Thank you for you suggestion, Cristian.
>
> I have implemented your suggestion with unexpected results. Note: I did reboot the system after I changed rc.conf.
>
> $ cat /etc/pf.conf
> set skip on lo0
> block all
> pass in proto tcp to port { 22 }
> pass out proto { tcp udp } to port { 22 53 80 123 443 }
> pass out inet proto icmp icmp-type { echoreq }
>
> $ sudo tcpdump -n -e -ttt -r /var/log/pflog
> reading from file /var/log/pflog, link-type PFLOG (OpenBSD pflog file)
> $
>
> no output. Did I miss something?
You do not have an "log" commands in pf.conf. Add a "log" after "in" or "out" on each pass line. Then pf will do the logging.
-- Doug
More information about the freebsd-pf
mailing list