[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: SSH from admin machine

On Mon, 8 Nov 2004 18:39:53 +0100
Henning Brauer <[email protected]> wrote:
>* [email protected] <[email protected]> [2004-11-07
>19:59]:> On Sun, 7 Nov 2004, messmate wrote:
>> > pass in quick on $internal proto tcp from $TRUST_IP to any port =
>22> > flags S keep state
>> remove the = sign
>> pass in quick on $internal proto tcp from $TRUST_IP to any port 22
>why do people keep posting bullshit answers like that? can't you at 
>least TRY his rule before spreading misinformation?
>it is not about you personally, but far too often we see lies posted 
>here, because the poster didn't bother to verify his answer. This is 
>not helping anybody - the opposite is true.
??? Who's spreading misinformation ??
I've got the right answer from Daniel Hartmeier:
<It's not removal of the '=' that makes your third rule work. You must
have removed 'flags S' at the same time, and drawn the wrong conclusion.
'flags S' is invalid since a couple of releases.>
I've taken the rule from an ( to old ?) example.
If this can help anyone..
But WHERE can i get a recent documentation about PF ??