[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

It works! (was: Very Annoying problem... blocks everything...)



Yeah.. it was getting ugly...
I was trying to keep a nice format to it, as I found out very quickly, it
helps to have a good format.  When your dealing with having to control
packets going in and out, the two lines are the same except for the in and
out statement.
Well, if the two lines are the same length, your ok.  If not, then you
probably got a typo!
But anyway, I took out all of the "quick" statements.  Made it look at LOT
nicer, and improved the comments.
I took out some of the "double" rules that I have... cleaned up where some
of the rules were... took out some I no longer needed because of the
changes.
But..  I finally got it working!  I'm still having to tweak it here and
there...  But it's a great learning process...
I can honestly say, that OBSD's pf is a LOT better than iptables in linux.
The logging function to log into it's own psudo interface is GREAT.
It's a lot eaiser with pf to build some cool stuff.  I did at one point
tighten stuff down too much, so I had to open it up a little here and there.
But like I said, it's a learning process.
Now for another question...   How do I control the bandwidth via OpenBSD to
any given IP Address?  Also, is there anyway to log some stuff to syslog
with prefixes?  That is one thing I like about Linux... just the prefix
option...
btw... thx for the help everyone!
-----Original Message-----
From: Luiz Gustavo [mailto:gustavo@shoptime.com]
Sent: Tuesday, December 17, 2002 11:21 AM
To: shawnm@iodamedia.net
Subject: Re: Very Annoying problem... blocks everything...
On Mon, Dec 16, 2002 at 04:20:01PM -0600, shawnm@iodamedia.net wrote:
> http://www.iodamedia.net/pf.conf
> Go grab it.. and tell me what I'm doing wrong!
 Sorry dude, but your conf looks butt ugly... :/
 Like C code, good style helps a lot.
--
gustavo
DCCC F540 C429 5636 EECF  5816 28E6 792E D820 15DE