From: "Greg Hennessy"
To: "'Jacob, Raymond A Jr'"
Date: Sat, 11 Mar 2006 09:37:56 -0000
Subject: RE: Two(2) questions regarding quick and adding rules later.

> All traffic blocked unless I use quick.
> tcpdump -n -e -ttt -r /var/log/pflog
> showed traffic was blocked by the last rule unless I added
> quick to pass rules.
> I thought the matching rules would have overridden the block rule?

If you don't use quick, the last matching rule wins.

Make the very 1st rule

block log all

And delete any non-specific blocks further down.

Greg
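
The evaluation order described in the reply above, as an added example that is not part of the original message: a simplified Python model of pf's "last matching rule wins unless quick" behaviour. The Rule class, the evaluate function, the three rulesets and the sample packets are constructed for illustration and match only on protocol and destination port.

```python
from dataclasses import dataclass
from typing import Optional


@dataclass
class Rule:
    action: str                  # "pass" or "block"
    quick: bool = False          # True: stop evaluating when this rule matches
    proto: Optional[str] = None  # None matches any protocol (like "all")
    port: Optional[int] = None   # None matches any destination port

    def matches(self, pkt):
        return (self.proto in (None, pkt["proto"])
                and self.port in (None, pkt["port"]))


def evaluate(rules, pkt):
    """Return (action, index of the deciding rule); index None = no match."""
    verdict = ("pass", None)     # pf passes a packet that no rule matches
    for i, rule in enumerate(rules):
        if rule.matches(pkt):
            verdict = (rule.action, i)   # a later match replaces an earlier one
            if rule.quick:
                break                    # quick makes this match final
    return verdict


# Constructed rulesets (assumptions, not taken from the thread).
# 1) The situation in the question: pass rules followed by a general block.
BLOCK_LAST = [Rule("pass", proto="tcp", port=22),
              Rule("pass", proto="tcp", port=80),
              Rule("block")]
# 2) The workaround the poster found: quick on every pass rule.
BLOCK_LAST_QUICK = [Rule("pass", quick=True, proto="tcp", port=22),
                    Rule("pass", quick=True, proto="tcp", port=80),
                    Rule("block")]
# 3) The layout from the reply: general block first, specific passes after it.
BLOCK_FIRST = [Rule("block"),
               Rule("pass", proto="tcp", port=22),
               Rule("pass", proto="tcp", port=80)]

SSH = {"proto": "tcp", "port": 22}      # constructed sample packets
TELNET = {"proto": "tcp", "port": 23}

if __name__ == "__main__":
    for name, ruleset in [("block last", BLOCK_LAST),
                          ("block last + quick", BLOCK_LAST_QUICK),
                          ("block first", BLOCK_FIRST)]:
        for label, pkt in [("ssh", SSH), ("telnet", TELNET)]:
            print(f"{name:20} {label:7} -> {evaluate(ruleset, pkt)}")
```

With the block rule first, permitted traffic is decided by its specific pass rule and everything else falls back to the default block, with no need for quick.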