Date: Tue, 7 Jun 2005 07:12:43 -0500 From: "John Brooks" <john@day-light.com> To: "Matt Rechkemmer" <tiberius@trancell.org>, <questions@freebsd.org> Subject: RE: pf block question Message-ID: <NHBBKEEMKJDINKDJBJHGEELFJBAD.john@day-light.com> In-Reply-To: <20050607064323.GA29038@sdf.lonestar.org>
next in thread | previous in thread | raw e-mail | index | archive | help
Are you sure the ruleset is loaded, and pf is enabled? -- John Brooks john@day-light.com > -----Original Message----- > From: owner-freebsd-questions@freebsd.org > [mailto:owner-freebsd-questions@freebsd.org]On Behalf Of Matt Rechkemmer > Sent: Tuesday, June 07, 2005 1:43 AM > To: questions@freebsd.org > Subject: pf block question > > > So, at the very top of my pf "filter" rules, I have these rules: > > block drop in quick on fxp0 inet proto icmp from 1.3.3.7 to any > block drop in quick on fxp0 inet proto tcp from 1.3.3.7 to any > > 1.3.3.7 is a made up IP address ;-). Even with this rule > present, pf allows > traffic from the IP through. I guess I'm a bit confused as to > why it isn't > being dropped. Since it has the "quick" keyword, shouldn't that take > precedence over all other filter rules? > > Any ideas? > > -- > Matt Rechkemmer > tiberius@trancell.org > _______________________________________________ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to > "freebsd-questions-unsubscribe@freebsd.org" >
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?NHBBKEEMKJDINKDJBJHGEELFJBAD.john>