pf broken in 7.0-BETA1 ?
Paul Schenkeveld
fb-stable at psconsult.nl
Sun Oct 28 14:50:09 PDT 2007
On Sun, Oct 28, 2007 at 04:34:56PM -0300, Andrew Birukov wrote:
> Ermal Luçi wrote:
> >Try using
> >
> >pass out on $ext_if proto tcp from any to any tos 0x10 no keep state queue
> >ssh
> >
> >and it should work as you expect!
>
> pf.conf
> -------------------------------------------------------------------
> ext_if="xl0"
>
> altq on $ext_if priq bandwidth 520Kb queue { ssh, traf }
> queue ssh priority 1
> queue traf priority 15 priq(default)
>
> pass in all
> pass out all
>
> pass out on $ext_if proto tcp from any to any tos 0x10 no keep state
> queue ssh
> -------------------------------------------------------------------
>
> # /etc/rc.d/pf restart
> Disabling pf.
> pf disabled
> Enabling pf.
> /etc/pf.conf:10: syntax error
> pfctl: Syntax error in config file: pf rules not loaded
> pf enabled
>
> Unfortunately syntax error...
Should be "no state" according to pf.conf(5)
> --
> Andrew Biriukov
> amb at amb.kiev.ua
Paul Schenkeveld
More information about the freebsd-pf
mailing list