Date: Fri, 27 Apr 2007 11:51:00 -0700 From: "Jon Simola" <jsimola@gmail.com> To: freebsd-pf@freebsd.org Subject: Re: why are pf-blocked ips 'leaking' thru to spamd? Message-ID: <8eea04080704271151h18e9a6eds5704e8fb3bb632f0@mail.gmail.com> In-Reply-To: <70f41ba20704271147r566a99d3od45bd04fac484373@mail.gmail.com> References: <70f41ba20704271105m11fa5315kc7c3d715f2d63f61@mail.gmail.com> <8eea04080704271127g70d910bfg82ec652a0c6889bf@mail.gmail.com> <70f41ba20704271143i962a7d3r821ddd34a4409f53@mail.gmail.com> <70f41ba20704271147r566a99d3od45bd04fac484373@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On 4/27/07, snowcrash <schneecrash+pf@gmail.com> wrote: > i suppose alternative would be to, > > --- set require-order yes > +++ set require-order no > > and put some > > block quick <ip-black> > > BEFORE those rdr's ... to prevent those addresses in <ip-black> from > ever seeing the redirection in the first place no rdr proto tcp from <ip-black> to any port smtp ... other rdr stuff ... block from <ip-black> "The no option prefixed to a translation rule causes packets to remain un- translated, much in the same way as drop quick works in the packet filter" -- Jon
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?8eea04080704271151h18e9a6eds5704e8fb3bb632f0>