pf block question
Giorgos Keramidas
keramida at ceid.upatras.gr
Fri Jun 10 18:33:57 GMT 2005
On 2005-06-09 13:48, Matt Rechkemmer <tiberius at trancell.org> wrote:
> On Thu, Jun 09, 2005 at 01:51:16PM +0300, Giorgos Keramidas wrote:
> >
> > If you add "quick" to the `block from <badhosts>' rule, packets from
> > these hosts will immediately be dropped -- which is what you probably
> > want to do, if I have understood what you wrote so far.
>
> OK, I've added quick to the rule (surprised I forgot it there). Here's the
> new rule: block drop quick on fxp0 from <badhosts> to any. Now, when I send
> ICMP packets to that host (for testing), I *still* get them back but with an
> extreme amount of loss. If I comment the rule, the loss disappears.
>
> I'm at a loss as to why the traffic still isn't dropped.

Existing icmp states?

Did you reload the rules with:

    /etc/rc.d/pf reload

or by directly running pfctl?
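
Added example, not part of the original message: pf matches packets against existing state entries before it evaluates the ruleset, so a state created before the block rule was loaded keeps passing traffic until it expires or is killed. The sketch below filters `pfctl -s state` output for hosts in a table and, with `--live`, kills their states. The sample state lines are constructed, the output layout varies between pf versions, and only plain IPv4 table entries are handled.

```shell
#!/bin/sh
# Added example: list (and optionally kill) pf states that belong to hosts
# in a table such as <badhosts>.

# match_states HOSTS_FILE
# Reads `pfctl -s state` style lines on stdin and prints those where one
# endpoint is exactly an address listed in HOSTS_FILE (one address per line).
match_states() {
    awk -v hosts="$1" '
        BEGIN {
            while ((getline h < hosts) > 0) {
                gsub(/[ \t]/, "", h)          # table output is indented
                if (h != "") bad[h] = 1
            }
        }
        {
            for (i = 1; i <= NF; i++) {
                addr = $i
                sub(/:[0-9]+$/, "", addr)     # drop the :port or :icmp-id part
                if (addr in bad) { print; next }
            }
        }'
}

# Constructed sample of state-table output, for trying the filter offline.
sample_states() {
cat <<'EOF'
all icmp 192.0.2.10:8 <- 203.0.113.7:4242       0:0
all tcp 192.0.2.10:22 <- 198.51.100.20:51514       ESTABLISHED:ESTABLISHED
all udp 192.0.2.10:53 <- 203.0.113.70:33000       SINGLE:NO_TRAFFIC
EOF
}

# Live use (as root on the firewall): sh script.sh --live [table]
if [ "${1:-}" = "--live" ]; then
    table="${2:-badhosts}"
    tmp=$(mktemp) || exit 1
    pfctl -t "$table" -T show > "$tmp"        # current table contents
    pfctl -s state | match_states "$tmp"      # states that bypass the new rule
    while read -r host; do
        # pfctl -k HOST kills every state originating from HOST
        if [ -n "$host" ]; then pfctl -k "$host"; fi
    done < "$tmp"
    rm -f "$tmp"
fi
```

If the filter prints nothing for a host that still gets replies, stale states are not the cause and the loaded ruleset (`pfctl -s rules`) is the next thing to check.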