Date: Mon, 10 Jul 2006 23:48:45 -0700 From: "Kian Mohageri" <kian.mohageri@gmail.com> To: "Michael Vince" <mv@thebeastie.org> Cc: freebsd-pf@freebsd.org Subject: Re: PF firewall rules Message-ID: <fee88ee40607102348w3bd6c7caj2b0b9bea6387b26b@mail.gmail.com> In-Reply-To: <44B339D6.7090401@thebeastie.org> References: <D5972F49810A69449A9EA72A4B360DC2D0A38F@e1.universe.dart.spb> <44B339D6.7090401@thebeastie.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On 7/10/06, Michael Vince <mv@thebeastie.org> wrote:
>
> Dmitry Andrianov wrote:
> So to block to block IP 192.168.1.17 from connecting *out* to anything
> on the internet I have to use a "block in" statement and there is no
> other way of doing this rule?
> block in quick on $int_if proto { tcp, udp, icmp } from 192.168.1.17 to
> any
I'm not sure if I'm understanding you correctly, but if having the direction
in the rule is confusing to you, you can leave it out:
block quick on $int_If proto { tcp, udp, icmp } from 192.168.1.17 to any
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?fee88ee40607102348w3bd6c7caj2b0b9bea6387b26b>