do not work nested unnamed anchor
Igor A. Valcov
viaprog at gmail.com
Fri May 9 12:54:44 UTC 2008
Hello.
For example:
==== pf.conf ====
ext_if="xl0"
ip_world="nn.nn.nn.nn"
# Filter rules
block log all
anchor in on $ext_if {
pass quick proto tcp to $ip_world port 22 keep state
# SSH
pass quick proto tcp to $ip_world port 25 keep state
# SMTP
pass quick proto tcp to $ip_world port 110 keep state
# POP3
anchor {
pass quick proto tcp to $ip_world port 995 keep state
# POP3S
}
}
============
nmap results:
PORT STATE SERVICE VERSION
22/tcp open ssh OpenSSH 4.5p1 (FreeBSD 20061110; protocol 2.0)
25/tcp open smtp?
110/tcp open pop3 Openwall popa3d
I can not understand what the problem...
FreeBSD-7.0-RELEASE-p1
i386
--
Igor A. Valcov
More information about the freebsd-pf
mailing list