Date: Sun, 21 Dec 2014 20:29:06 +0100 (CET) From: krichy@tvnetwork.hu To: freebsd-pf@freebsd.org Subject: nested anchors Message-ID: <alpine.DEB.2.11.1412212026180.5729@krichy.tvnetwork.hu>
next in thread | raw e-mail | index | archive | help
Dear pf devs,
I found that on FreeBSD 10.1 nested anchors does not work.
This simple config passes traffic from any to 10.2.1.0/24:
anchor from any to 10.2.1.0/24 {
pass quick all
block
block log (to pflog1)
}
If the inner pass is enclosed in another anchor, then the filter drops
packets:
anchor from any to 10.2.1.0/24 {
anchor all {
pass quick all
block
}
block log (to pflog1)
}
That would be very nice to have this working.
Regards,
Kojedzinszky Richard
Euronet Magyarorszag Informatika Zrt.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?alpine.DEB.2.11.1412212026180.5729>