Date:      Fri, 3 May 2013 21:29:37 -0700 (PDT)
From:      Nomad Esst <noname.esst@yahoo.com>
To:        Patrick Lamaiziere <patfbsd@davenulle.org>, "freebsd-pf@freebsd.org" <freebsd-pf@freebsd.org>
Subject:   Re: skipto keyword in pf
Message-ID:  <1367641777.53540.YahooMailNeo@web162702.mail.bf1.yahoo.com>
In-Reply-To: <20130502131038.72cc6020@davenulle.org>
References:  <1367394412.46533.YahooMailNeo@web162703.mail.bf1.yahoo.com> <20130501235946.GS6396@verio.net> <1367474077.47142.YahooMailNeo@web162705.mail.bf1.yahoo.com> <20130502131038.72cc6020@davenulle.org>

>Well, tags could help here. With a concrete example of what you want, it
>would be easier to suggest a solution.

>Regards.

Aren't anchors useful as David DeSimone said? Another question, is it possible to negate a rule or feature in a rule? I mean pass all traffic which DO NOT match the rule? e.g. using "!" sign.

Message-ID: <518510B6.8000309@smeets.im>
Date: Sat, 04 May 2013 15:44:22 +0200
From: Florian Smeets <flo@smeets.im>
To: Jason Hellenthal <jhellenthal@dataix.net>, "freebsd-pf@FreeBSD.org" <freebsd-pf@freebsd.org>
Subject: Re: IGMP with no matching rules
References: <86C973B6-D12D-41AA-A1F9-D93E1C60856F@DataIX.net>
In-Reply-To: <86C973B6-D12D-41AA-A1F9-D93E1C60856F@DataIX.net>

On 04.05.13 09:36, Jason Hellenthal wrote:
> Hey Everyone,
>
> Has anyone seen IGMP traffic hit their pflog interface even if there
> are no rules matching that tell it to log?
>
> Anyone that has a pointer to eliminate the logging of the IGMP
> traffic would be extremely helpful. This has been fairly frustrating
> up to this point trying to either create a rule to catch it that does
> not specify logging or eliminate rules that shouldn't be matching but
> do.
>

It would be easier to tell with your rule set, but I think this may be
related to IP options, look for allow-opts in pf.conf(5).

Florian
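
Added example, not part of the original message or the poster's rule set: a pf.conf fragment showing where allow-opts would go, assuming the logged packets are IGMP messages carrying the IPv4 Router Alert option. The interface name em0 and the surrounding rules are placeholders.

```pf
# Added example; em0 and the default-deny policy are assumptions.
int_if = "em0"

set skip on lo0
block drop all                      # default deny, no "log" keyword

# Before: this rule matches IGMP, but IGMP queries and reports normally
# carry the Router Alert IP option. Per pf.conf(5), IPv4 packets with IP
# options are blocked by default even when a pass rule matches them.
# Assumption from the reply above: that drop, not any "log" rule, is
# what produces the pflog entries.
# pass in quick on $int_if inet proto igmp

# After, option 1: let IGMP through together with its IP options.
pass in quick on $int_if inet proto igmp allow-opts

# After, option 2 (use instead of option 1): drop IGMP with an explicit
# block rule, so the packet is never passed and then re-checked for
# IP options.
# block drop in quick on $int_if inet proto igmp
```

Running tcpdump -n -e -i pflog0 prints the rule number and drop reason for each logged packet, which shows whether the entries come from the IP-options check rather than from a rule with the log keyword.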




