first firewall with pf

Michael K. Smith - Adhost mksmith at adhost.com
Tue Mar 24 10:18:55 PDT 2009


I also forgot to mention:

You should probably log your block rule so that you can see what's going on if things don't work as expected.

So:

block in log on $ext_if

Note the lack of "quick" as well, as previously mentioned.

With logging enabled, provided you have pflog running (which you should), you can use the following to see what's being blocked.

tcpdump -n -e -ttt -i pflog0  (provided pflog0 is your pflog interface).

Regards,

Mike
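
Added example, not part of the original message: a small Python filter that tallies what the logged block rule is dropping, reading the text that the tcpdump command above prints. The line layout it parses ("rule N/…: block in on IF: SRC > DST: …"), the function names and the sample lines are assumptions constructed for illustration.

```python
import re
from collections import Counter

# Assumed layout of one line from `tcpdump -n -e -ttt -i pflog0`:
#   <delta> rule 0/0(match): block in on em0: SRC > DST: <protocol details>
LINE_RE = re.compile(
    r"rule (?P<rule>\d+)\S*: (?P<action>block|pass) (?P<dir>in|out) "
    r"on (?P<ifname>\S+): (?P<src>\S+) > (?P<dst>\S+):\s"
)

def split_endpoint(ep):
    """Split 'a.b.c.d.port' or 'v6addr.port' into (host, port); port is None if absent."""
    host, sep, port = ep.rpartition(".")
    if sep and port.isdigit() and (":" in host or host.count(".") == 3):
        return host, int(port)
    return ep, None

def summarize_blocks(lines, ifname=None):
    """Count blocked packets per source host and per destination port."""
    by_src, by_dport = Counter(), Counter()
    for line in lines:
        m = LINE_RE.search(line)
        if not m or m["action"] != "block":
            continue  # not a pflog line, or a logged pass rule
        if ifname and m["ifname"] != ifname:
            continue
        src, _ = split_endpoint(m["src"])
        _, dport = split_endpoint(m["dst"])
        by_src[src] += 1
        by_dport[dport] += 1  # None collects port-less traffic such as ICMP
    return by_src, by_dport

# Constructed sample lines (documentation addresses), not captured traffic.
SAMPLE = """\
00:00:00.000000 rule 0/0(match): block in on em0: 198.51.100.7.44321 > 192.0.2.10.23: Flags [S], seq 1, win 65535, length 0
00:00:01.204113 rule 0/0(match): block in on em0: 198.51.100.7.44322 > 192.0.2.10.23: Flags [S], seq 2, win 65535, length 0
00:00:00.310002 rule 0/0(match): block in on em0: 203.0.113.9 > 192.0.2.10: ICMP echo request, id 1, seq 1, length 64
00:00:02.000100 rule 3/0(match): pass in on em0: 203.0.113.20.50000 > 192.0.2.10.22: Flags [S], seq 3, win 65535, length 0
"""

if __name__ == "__main__":
    srcs, dports = summarize_blocks(SAMPLE.splitlines(), ifname="em0")
    for host, n in srcs.most_common():
        print(f"{n:5d}  blocked from {host}")
    for port, n in dports.most_common():
        print(f"{n:5d}  to port {port if port is not None else '(none)'}")
```

To use it on live output, pass sys.stdin to summarize_blocks instead of the sample and pipe the tcpdump command into the script.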