first firewall with pf

forn forn at ngs.ru
Tue Mar 24 12:06:16 PDT 2009


"block in quick on $ext_if all" being the last and "block in on $ext_if 
all" being the first do absolutely the same thing. No point in changing.

Eric, you might want to just do "set skip on lo" instead of allowing all 
through it, and add "scrub in" to normalize packets coming in.


Dave Feustel wrote:
> Change this rule to
> block in on $ext_if all
> and then make it the first rule.
> The word 'quick' says don't evaluate any more rules if this matches.
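
Added illustration of the rule-ordering point in this thread (not part of either poster's message and not pf's own code): a small Python model of pf rule evaluation, comparing a block-first layout with a "block in quick" last layout. The interface name, ports and sample packets are constructed, and the pass rules carrying "quick" in the second layout is an assumption, since the original ruleset is not shown on this page.

```python
# Added example: a minimal model of pf filter-rule evaluation, not pf source code.
# Modelled semantics: rules are checked top to bottom, the LAST matching rule
# decides, a matching "quick" rule ends evaluation, no match means pass, and
# interfaces named in "set skip on" bypass filtering entirely.
from typing import NamedTuple, Optional

class Rule(NamedTuple):
    action: str                  # "pass" or "block" (all rules here are "in")
    iface: str
    quick: bool = False
    proto: Optional[str] = None  # None matches any protocol
    port: Optional[int] = None   # None matches any destination port

class Packet(NamedTuple):
    iface: str
    proto: str
    port: int

def evaluate(rules, pkt, skip=()):
    if pkt.iface in skip:
        return "pass"            # skipped interface: no rule is consulted
    verdict = "pass"             # pf's implicit default when nothing matches
    for r in rules:
        if (r.iface == pkt.iface and r.proto in (None, pkt.proto)
                and r.port in (None, pkt.port)):
            verdict = r.action
            if r.quick:
                break
    return verdict

EXT = "em0"  # constructed name standing in for $ext_if
# Layout A: "block in on $ext_if all" first, plain pass rules after it.
BLOCK_FIRST = [Rule("block", EXT),
               Rule("pass", EXT, proto="tcp", port=22),
               Rule("pass", EXT, proto="tcp", port=80)]
# Layout B (assumed): quick pass rules, "block in quick on $ext_if all" last.
BLOCK_QUICK_LAST = [Rule("pass", EXT, True, "tcp", 22),
                    Rule("pass", EXT, True, "tcp", 80),
                    Rule("block", EXT, True)]
# Layout C: block moved last while the pass rules are NOT quick.
BLOCK_LAST_NO_QUICK = BLOCK_FIRST[1:] + BLOCK_FIRST[:1]

PACKETS = [Packet(EXT, "tcp", 22), Packet(EXT, "tcp", 80),
           Packet(EXT, "tcp", 23), Packet(EXT, "udp", 53)]  # constructed

def verdicts(rules, skip=()):
    return [evaluate(rules, p, skip) for p in PACKETS]

if __name__ == "__main__":
    for name in ("BLOCK_FIRST", "BLOCK_QUICK_LAST", "BLOCK_LAST_NO_QUICK"):
        print(name, verdicts(globals()[name]))
```

Layouts A and B give identical verdicts for the sample packets; layout C blocks everything, because a trailing block rule is the last match when nothing before it is quick.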


