[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: transparrant pf bridge



On Wed, May 05, 2004 at 05:29:57PM +0100, P.Harmsen wrote:
> The following pf.conf works but i 
> wonder if it makes sence /has any effect.
What you quoted contains syntax errors and won't parse, so how do you
come to the conclusion that it "works"? If those are just typos, repost
the precise ruleset. Precision is important in this case, people won't
guess what is a typo in a mail and what might be a typo in pf.conf.
First, fix the syntax errors (pfctl tells you what lines they're on,
for instance & vs. $ on macros, trailing :, etc.).
Then verify pfctl successfully loads the ruleset and compare pfctl -sr
output (that's the ruleset that is being used). Make sure pf is enabled
(pfctl -e).
Now test connections that should work and connections that should be
blocked.
This is your tasks as the admin. We don't write your ruleset for you,
rather, we may help you resolve questions or problems writing it. The
point being that you do the bulk of the work, and ask specific questions
:)
Daniel