ipf rules question
Erik Norgaard
norgaard at locolomo.org
Tue Jul 28 14:35:16 UTC 2009
Erik Norgaard wrote:
> Jay Hall wrote:
>> And, following is the output from ipfstat showing the relevant rule(s).
>>
>> @140 block in quick proto tcp from 82.0.0.0/8 to any port = smtp
>>
> Evidently, things get passed by some other rule, you can get a clue by
> adding the log action to all rules passing packets to port 25 or any port.
And, by the way in ip-filter it is a really good idea to add a default
rule explicitly, always specify network interface and use groups to
organize and optimize your ruleset.
BR, Erik
--
Erik Nørgaard
Ph: +34.666334818/+34.915211157 http://www.locolomo.org
More information about the freebsd-questions
mailing list